At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at jnj.com.
As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit.
**Job Function: **
Technology Enterprise Strategy & Security
**Job Sub Function: **
Security & Controls
Job Category:
Scientific/Technology
All Job Posting Locations:
São José dos Campos, São Paulo, Brazil
Job Description:
We are searching for the best talent for Principal, Database Security Engineering.
Role Objective:
Establish and operate a dedicated L3 Support function for Database Activity Monitoring (DAM) to strengthen data security, regulatory compliance, and incident response. This role brings hands-on expertise in IBM Guardium (or equivalent DAM), cloud and containerized environments, CI/CD, and database security operations to proactively protect, monitor, and audit critical data assets, with a focus on Guardium Data Protection (GDP) maintenance and optimization—installing patches/releases, resolving L1/L2 critical issues, supporting UAT, tuning GDP policies to reduce false positives, aiding security incident response, and updating documentation. This will improve security posture, shorten remediation times, and ensure ongoing compliance.
Key responsibilities:
- Install patches and new GDP releases on servers and agents
- Fix and resolve production issues advanced by L1/L2
- Support UAT tests
- Tune GDP policies to reduce false positives
- Assist security incident response
- Update and maintain documentation
Qualifications
- 7+ years in IT infrastructure and DBMS platform security risk management, vulnerability management/security configurations; relevant certifications (e.g., CISSP, GIAC, OSCP) preferred.
- Solid experience with SQL, database security hardening, CIS Benchmarks, cloud security solutions, Identity Management integrations, and threat modeling.
- Excellent collaborator of communication and executive reporting skills.
Nice-to-haves
- Experience with regulatory frameworks (NIST CSF, 800-53, ISO 27001, PCI-DSS, HIPAA).
- Prior experience conducting controlled exploitation simulations or red-team/blue-team exercises.
- Knowlegeable on AKS/EKS clusters, Docker containers, HELM Chart, XENA, Load balancers, TLS, and Network security.
Please note that this role is available across multiple countries and may be posted under different requisition numbers to comply with local requirements. While you are welcome to apply to any or all of the postings, we recommend focusing on the specific country(s) that align with your preferred location(s):
Sao Paulo, Sao Jose dos Campos | Brazil - Requisition Number: R-065396
- Warsaw | Poland - Requisition Number: R-065655
**Required Skills: **
Cybersecurity, Database Administration, Data Security, Data Security Management, Microsoft SQL Server DBA
Preferred Skills:
Business Process Design, Crisis Management, Critical Thinking, Information Security Auditing, Information Security Management System (ISMS), Information Technology (IT) Security Assessments, Information Technology Strategies, Mentorship, Organizing, Presentation Design, Process Optimization, Root Cause Analysis (RCA), Security Architecture Design, Security Policies, Technical Credibility, Vulnerability Management