Senior Security Architect

Posted:
6/10/2026, 5:00:00 PM

Location(s):
State of São Paulo, Brazil

Experience Level(s):
Senior

Field(s):
IT & Security ⋅ Software Engineering

Workplace Type:
Hybrid

Job Description:

The Enabling Services Senior Security Architect is responsible for defining, governing, and evolving security standards and reference architectures across Enabling Services, aligned with the Mars Cybersecurity Framework.

This role ensures a consistent, risk-based, and secure-by-design approach across cloud, network, data protection, SRE, and infrastructure domains, enabling secure digital transformation and regulatory compliance.

Key Responsibilities:

1. Security Governance & Strategy

  • Define and maintain security standards, policies, and guardrails.

  • Establish governance models (roles, responsibilities, accountability).

  • Align cloud, network, and SRE security with enterprise risk management.

  • Ensure compliance with regulatory and industry frameworks.

2. Risk & Asset Management

  • Define standards for asset inventory, data classification, and Zero Trust architecture.

  • Lead threat modeling and risk assessments.

  • Establish risk identification, prioritization, and third-party risk practices.

3. Security Architecture

  • Design and govern secure reference architectures across:

    • Cloud, network, and infrastructure

    • IAM, encryption, and key management

  • Define baseline security controls (multi-cloud, hybrid environments).

  • Enforce principles such as least privilege, defense-in-depth, and zero trust.

4. Monitoring & Detection

  • Define requirements for logging, monitoring, and SIEM integration.

  • Establish standards for log collection, retention, and threat detection use cases.

  • Promote adoption of cloud-native observability and security tools.

5. Incident Response & Resilience

  • Define incident response frameworks and playbooks in collaboration with SecOps.

  • Ensure integration with SOC/SOAR capabilities.

  • Support recovery and resilience strategies.

6. Security Assurance & Compliance

  • Define and enforce security control frameworks and baselines.

  • Support audits and compliance assessments.

  • Enable continuous compliance monitoring.

7. DevSecOps & Automation

  • Embed security into CI/CD pipelines (SAST, DAST, SCA).

  • Promote Infrastructure-as-Code (IaC) security and policy-as-code.

  • Drive security automation and standardized controls.

Key Deliverables

  • Security standards and policies

  • Reference architectures and guardrails

  • Cloud and infrastructure security baselines

  • Control frameworks and mappings (e.g., NIST CSF)

  • Risk assessment frameworks

Skills & Expertise

  • Cloud (AWS, Azure, GCP), Network Security, Infrastructure, Backup & DR

  • Observability (Azure Monitor, Datadog), SIEM/SOAR

  • NIST CSF, NIST 800-53, CIS, ISO 27001

  • DevSecOps, IaC, automation, and SRE practices

  • Strategic thinking and strong architecture mindset

  • Stakeholder management and communication

  • Ability to translate risk into actionable standards

Mars

Website: https://www.mars.com/

Headquarters Location: McLean, Virginia, United States

Employee Count: 10001+

Year Founded: 1911

IPO Status: Private

Last Funding Type: Debt Financing

Industries: Confectionery ⋅ Consumer Goods ⋅ Food and Beverage ⋅ Manufacturing