Security Architect- Emerging Threats and Security Capabilities
At Monsanto, the challenges we face are sometimes microscopic, sometimes global and sometimes both. However, our commitment to technology is unwavering. Monsanto IT integrates technology and scientific expertise into our efforts to revolutionize plant breeding and biotechnology. As an IT professional with Monsanto, the work you perform will be interesting and challenging, and you”ll be involved in the development of new systems and applications. In the process your work will directly contribute to our mission of helping the world”s farmers produce more with less resources.
The Monsanto Information Security Office seeks a Security Architect to join its dynamic and high-performing team. This position is accountable for assisting management in the creation and implementation of our global emerging risks and security strategy for a variety of operating environments. The team works to identify and secure critical data, and new environments, across each business segment of Monsanto. This position is empowered to grow the cloud security strategy and partner with key business stakeholders to ensure understanding of and alignment with their business goals.
- Developing the cloud security strategy. Accountable for partnering with stakeholders, IT and Business Teams to ensure understanding of and alignment with their business goals to develop a cloud and emerging risks security strategy for Monsanto globally
- Influencing the strategy around security and control requirements for long term enterprise projects
- Collaborate with internal business partners to develop long term security strategies helping to enable business strategies
- Working with the Digital Strategy team to identify security product vendor relationships pertaining to; cloud, IoT and emerging security ventures. Responsible for recommendations involving the selection and deployment of 3 rd party data security products
- Perform Vendor Assessments, and documentation of recommendations
- Documentation of security strategies (Cloud, Managed Services, Reference Architectures), deployment plans, and business data focus
- Leading work group discussions across business units
- Minimum of High School Diploma or equivalent required.
- 5-7 years Information Security experience, required.
- Demonstrated knowledge of managed services and security best practices, required.
- Demonstrated knowledge of data Encryption technologies applied against: Regulated structured data, Unstructured data, Backups, Email, File Sharing, required.
- Applied knowledge and/or experience in two or more of the following Monitoring technologies: Central Logging, Data Access Monitoring, DLP, Big Data Analytics, Advanced Perimeter Monitoring, Endpoint Malware & Monitoring, Digital Rights Management, required.
- Applied knowledge and/or experience in two or more of the following Access Control technologies: Access Governance, GRC, PAAM, Network Access Control, Tokenization, Identity Access Management, Database Permissions, Digital Rights Management, required.
- Demonstrated knowledge and experience with implementing a security control framework (ISO, NIST, COBIT), required.
- Demonstrated ability to engage with senior leaders to define requirements and implement technology solutions that add value and reduce risk
- Demonstrated knowledge and experience with managing complex projects
- Strong foundational knowledge of all domains of security
- Process oriented and strong documentation skills
- Strong communication and interpersonal skills
- Strong written skills and presentation skills
- Bachelor”s Degree
- CISSP or other related IT Security certification.
- Knowledge of cloud security best practices.
- Information Security experience with background in Security Architecture, desired.
- Applied knowledge and/or experience with information security policy and standard development, enforcement and compliance with internal controls
- Knowledge of industry regulations related to PII, PHI and PCI data
- Experience in BCP/DR, Retention & Legal Hold, Security Council, Information Security Training & Awareness
- Experience in driving a project from the inception of a strategy, definition of requirements, product selection, implementation, and into operational support. This would include project management and organizational skills
- Highly technical across a broad range of computing platforms and network protocols
- Background in Agriculture, Biotechnology, or other industry specific experience a plus