Product Manager, Product Security

United States

Full Time Senior-level / Expert
Nielsen logo

Nielsen

A global leader in audience insights, data and analytics, Nielsen shapes the future of media with accurate reports of what people listen to and watch.

View all employer listings

Apply now Apply later

The Nielsen Legal Team supports the company globally, protecting Nielsen’s business, products, intellectual property and reputation. The team places a focus on developing excellence and agility as we minimize risk and move the business forward. The team comprises attorneys, paralegals and legal assistants. Whether we’re solving a problem or averting a crisis, we are focused on creating the best environment possible to advance Nielsen’s reputation, preserve business opportunities, and help business to flourish. 
Nielsen, the leading company in advertising measurement and outcomes, is searching for an exceptional candidate to support the Product Security organization. This role will support the organization by refining a roadmap of service offerings to our internal clients, measuring the quality and quantity of that work, and overseeing the delivery of our services. As Nielsen constantly innovates to maintain its leadership in a changing marketplace, its Product Manager, Product Security will ensure that Nielsen's platforms and applications are built securely.
The Product Manager, Product Security accelerates secure software development and cloud security by helping define and deliver world-class product security services.  They will also play a major role in managing our program initiative of "shifting left" security practices in the DevSecOps lifecycle. 
A strong candidate for this role will need to maintain an understanding of changing business needs, build a culture of security in software engineering, and partner with leaders across Product, Cybersecurity, and Technology. 

Responsibilities

  • Product and Platform Security
  • The Product Manager, Product Security will execute Nielsen’s security strategy for our go-to-market products and platforms. In joint collaboration with Product Leadership, DevOps, Engineering, and Data Science teams, the Product Manager, Product Security will do the following: 
  • Define the capabilities of the Product Security team
  • Drive adoption of the right service delivery model for implementing new solutions, products, and modules.
  •  Identify and prototype key solutions required to drive improvement
  • Define, deploy, and track the quantity and quality of services that Product Security offers to the organization
  • Lead cross-functional strategy meetings related to driving adoption of security tools
  • Maintain an awareness and working knowledge of Product Security tools

  • Cybersecurity as a Product 
  • Nielsen is committed to a DevOps culture where best security practices are integrated, understood, and thrive--resulting in true DevSecOps. This is achieved through the utilization of modern technologies to automate security controls. As a Cloud-first organization, we operate and develop in an ecosystem where deployment and CI/CD pipelines can embed security measures that can achieve speed and scalability through technology. The Product Manager, Product Security will collaborate with teams to: 
  • Define and lead delivery of a portfolio of Product Security services that help business product teams accomplish security objectives
  • Own internal customer feedback end to end and use captured insights to create and manage service improvement roadmaps

  • Engineering & Developer Partnership 
  • To effect and maintain a culture of security within Nielsen’s engineering, technology, software development, business and operations teams, the Product Manager, Product Security with the Product Security team must: 
  • Maintain an open, collaborative, and consultative culture supported by outreach and education across Nielsen
  • Bring consistent focus on measuring and understanding value and impact of Product Security services Partner with teams early and proactively to serve as a stakeholder advocate
  • Share knowledge and actively bridge relationships into other verticals in the Cybersecurity organization

Qualifications

  • BS in a technical discipline with 8-years of experience or equivalent experience without a degree
  • Demonstrated expertise in product management with software and/or security teams
  • Exceptional written and verbal communication skills, with the ability  to communicate security objectives and concepts to engineering and business teams
  • Proficiency with product and program management methodologies including agile practices (example - Scaled Agile Framework), voice of the customer analysis, and service delivery metrics
  • Experience with SAST, DAST, SCA and penetration testing tools
  • High degree of comfort speaking about software development practices
  • Understanding of application and product architectures, programming languages, web application stacks, and SDLC pipelines
  • Strong interpersonal skills; capable of understanding business needs and translating them into architectural standards/diagrams; able to translate complex data and architectural concepts and principles into easily-understanding information by LOBs; ability to design and deliver architectural presentations to IT, senior leadership, and business partners
  • Ability to consistently challenge teams to define the “next action”

Preferred Qualifications

  • High comfort level with cloud providers including IaaS, PaaS, SaaS
  • Industry related certification such as Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified Ethical Hacker (CEH), Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Security Professional (CISSP) are valued
  • General cyber security with sufficient knowledge of modern DevSecOps technologies such as:
  • Containers (Docker, Kubernetes, etc.)
  • Infrastructure as code (Docker, Ansible, Chef, Terraform, etc.)
  • Continuous integration / Continuous Deployment (Jenkins, etc.)
  • Integration of Security testing tools into pipeline
  • Defect and Issue tracking (Jira, ServiceNow etc.)
  • Source code management (GitLab, Github, BitBucket, etc.)
  • QA Testing tools (nUnit, jUnit, Selenium, Cucumber, etc.)
  • Application security testing tools (SAST, DAST, IAST, OSA, etc.)
  • Cloud Posture Assessment Tools
  • Cloud configuration Drift Detection
  • Unix, Linux, and Windows 
  • Cloud environment (AWS, Azure, GCP, etc)
Job perks/benefits: Career development
Job region: North America
Job country: United States
Job stats:  6  1  0
  • Share this job via
  • or

Other jobs like this

Explore more Cyber Security career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.