Security Product Specialist – Business, Product, Technical Depth

Role Overview

• Lead the strategy and evolution of security products applied to platforms and digital journeys, focusing on business value, risk reduction, adoption and scale.
• Define and support the vision, positioning and roadmap for trust-based security platforms (e.g., Identity, API Protection, Hardening, Secrets/Keys, Trust Services), ensuring alignment with Business, Risk, Legal, Operations and Engineering stakeholders.
• Translate business needs into product and technical requirements: PRDs, epics, user stories, acceptance criteria and NFRs (SLA/SLO, auditability, resilience, privacy), ensuring clarity for development teams.
• Institutionalize standards and specifications as product capabilities and non-functional requirements: OWASP ASVS/API Security, CIS Benchmarks, OAuth 2.0, OpenID Connect, JWT, SAML, SCIM and NIST SP 800-63.
• Serve as the subject-matter expert for Identity Security products, driving product decisions for authentication, authorization, SSO, MFA, session management, tokens, application onboarding and integrations (internal and/or with customers/partners).
• Build business cases and monetization models (when applicable): packaging (tiers), pricing, unit economics, TCO/ROI, chargeback/showback, as well as value propositions and competitive differentiators.
• Conduct discovery and validation with customers/internal users, prioritize the backlog by impact (revenue, margin, risk, operational efficiency, experience) and reduce adoption friction (time-to-integrate and time-to-value).
• Define and enable enablement strategies (documentation, integration guides, reference implementations, SDKs and reusable patterns) in partnership with engineering to accelerate adoption and standardization.
• Define requirements and roadmap for Key & Secret Management and Trust Services: Vault/Secret Managers, policies, rotation, segregation, audit and automations; and HSM/KMS/PKI: custody, mTLS, lifecycle, cryptography and operational governance.
• Drive the evolution of hardening and secure-by-default as an offering/capability, influencing secure baselines in cloud/Kubernetes (policies, network, workloads, supply chain) with tangible and measurable deliverables.
• Raise DevSecOps maturity as a product/platform capability with automations, quality gates, systematic risk reduction, metrics and standards governance.
• Prepare and run RFPs and RFIs with vendors.
• Participate in critical incidents (especially identity and access) from a product perspective: impact assessment, prioritization, communication, RCA and structural roadmap changes to prevent recurrence.
• Lead by influence and mentor analysts/POs/consultants, increasing autonomy, consistency and quality in the specification and delivery of security products.

Requirements

• Solid experience in product/strategy (Product Manager, Product Specialist, Senior PO or equivalent) in the context of platforms and/or security, connecting business needs to technical execution.
• Proven ability to build and defend business cases and prioritize by value (ROI, TCO, risk, operational cost, impact on conversion/experience, adoption metrics).
• Strong ability to translate between business and engineering: write PRDs/epics/stories and detail NFRs (security, privacy, availability, auditability, performance) with clear acceptance criteria.
• Deep experience with identity and protocols: OAuth 2.0, OpenID Connect, JWT, SAML, SCIM and best practices aligned with NIST SP 800-63 — sufficient to discuss flows, threats, trade-offs and requirements.
• Applied knowledge of security patterns for applications and APIs (e.g., OWASP ASVS/API Security) and the ability to turn standards into product capabilities and features (e.g., controls, policies, SDKs, automations).
• Technical familiarity to discuss with engineering topics such as: – authentication/authorization architecture, SSO/MFA, sessions and tokens; – integrations, SDKs, reusable patterns and reference implementations; – observability, auditing and trails as product requirements.
• Practical/functional knowledge of Vault/Secret Managers and secret lifecycle (policies, rotation, segregation, audit, automation).
• Practical/functional knowledge of HSM/KMS/PKI and applied cryptography (mTLS, certificate lifecycle, custody, signing, encryption) — including the ability to discuss security vs performance.
• Familiarity with cloud/Kubernetes and hardening concepts (baseline, policies, network, workloads, supply chain) to specify requirements and guide the backlog with technical teams.
• Ability to lead multiple stakeholders and unblock decisions in complex environments, influencing without formal authority.
• Knowledge of category design and definitions according to TOGAF (desirable for structuring capabilities, ABB/SBB, principles and governance).
• Familiarity with and ability to work with Identity First frameworks.

Tech Stack

• Cloud
• Kubernetes
• Vault

Benefits

• Choose the ideal benefit for you and your dependents through a digital benefits platform with multiple categories, including gym, meal and grocery vouchers, pharmacy assistance, health plan, dental care and life insurance;
• Company mobile phone. Yes, a brand-new smartphone for you!
• Unlimited voice and data plan! Yes, unlimited! Vivo's 5G can be up to 10 times faster!
• An exclusive Vivo offer with special discounts on fixed-line, broadband, TV and apps;
• Eligible to receive an annual Bonus or PPR (performance-based bonus);
• Plan your future through our private pension plan;
• Have children? You will be eligible for a subsidy to help with school, daycare or nanny expenses;
• Work in an environment that respects your personality, dress style and way of being, and where you can be authentic. #VemdeVocê
• Work remotely up to 3 times per week. #Mobility
• Flexible working hours;
• Enjoy a day off (Day Off) to celebrate your birthday;
• Take part in one of the largest corporate volunteer programs to help you make an impact in the world;
• Benefit from our Educational Development Program offering partnership discounts with educational institutions; certifications and online courses;
• Boost your career through our Internal Recruitment Program, in Brazil or abroad — we are present in more than 17 countries! #VivoMinhaCarreira