Associate Information Security Director
Johnston
Exp 2-5 years
Degree Bachelors
Relo
Bonus
Job Description
Our company combines innovation and technology to produce exceptional equipment and services that delight our customers. We are a world leader in providing advanced products and services and are committed to the success of customers whose work is linked to the land – those who cultivate, harvest, transform, enrich and build upon the land to meet the world’s dramatically increasing need for food, fuel, shelter and infrastructure. Since 1837, our company has delivered innovative products of superior quality built on a tradition of integrity. We make our company a great place to work through an emphasis on work-life balance and a values-based culture that encourages professional development and community involvement.
As a global organization with vast technological resources, our company can offer IT professionals a virtual world of opportunity. Whether your interest is application development, infrastructure, architecture or project management, our company can offer you challenges that will exceed your expectations.
What You'll Do
Our company is located in Johnston, IA, the Associate Information Security Director is the senior corporate security professional servicing the business unit. This role is the primary strategic voice to effectively negotiate the intersection of business pursuits, threat landscape, and Deere's centralized cybersecurity services. The role demands strong strategic focus, effective communication and collaboration skills, executive presence and a deep understanding of the finance industry. The Associate Information Security Director role encompasses key stakeholder relationships with Legal, Human Resources, Compliance, Information Technology, Audit, Supply Management and Executive Leadership functions. Additionally, you will:
• Provide critical leadership related to strategy, regulatory compliance; demand planning, project prioritization, specification and deployment of new services and operational oversight for all cybersecurity activities across our company.
• Act as the single point to accountability and delivery for President, General Counsel and IT Director.
• Be responsible for the oversight of Deere's Global Information Security (GSEC) metrics in service and soliciting & obtaining resources, both CORP GSEC to achieve approved targets.
• Develop and implement information security strategy, assuring alignment with the GSEC security strategy.
• Broker existing GSEC services to execute risk assessments against locations, infrastructure, applications, systems, and services.
• Coordinate with GSEC and Enterprise Security & Preparedness organization (ES&P) to address incident response and assure timely, accurate concise communications to key business leaders.
• Provide leadership and expertise to the Senior Leadership team on core functional business processes ensuring that key security priorities are addressed.
• Ensure that all business activities are performed in a secure and compliant manner, meeting all Deere internal and external standards and controls.
• Participate in the strategic planning and budgeting processes.
• Build and leverage existing finance industry relationships to identify industry leading practices, stay current on industry threats and benchmark cybersecurity services and performance.
• Manage cybersecurity architecture resources to: Assure compliance with existing policies and standards; Maintain security posture of existing infrastructure and applications; Engineer security into lifecycle of new infrastructure, applications, products and services.
• Manage cybersecurity risk and liability related to divestitures, acquisitions and joint-ventures.
• Partner with Supply Management and Legal organizations to review vendor contracts and suppliers.
• Provide subject matter expertise and cybersecurity leadership to our Enterprise Risk Committees.
• Partner with GSEC, ES&P, Legal, Compliance, Supply Management and business leaders to establish, deploy, and enforce cybersecurity policies and procedures.
• Provide oversight to global IT improvement projects and policy changes - Ex. Data Protection, Data Masking, Data Monitoring, Record Retention, etc.
Qualifications
We need an excellent communicator, who thrives on solving problems and working in a team environment. Ideally you will have a Bachelor’s degree in Information Security, Management Information Systems, Computer Science, Computer Engineering or equivalent experience. In addition, we require:
• 8+ years of direct information security experience within the finance and banking industry.
• Experience as Manager of Information Security or Deputy Director of Information Security or other senior security-related function.
• Certified Information Systems Security Professional (CISSP) certification.
• Project management skills; financial / budget management, scheduling and resource management.
• Excellent verbal and written communication skills, persuasion, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• High degree of initiative and dependability.
• High level of personal integrity, and the ability to professionally handle confidential matters.
• Good understanding of risk management methodologies and implementation in an IT organization.
• Proven ability to manage to financial goals, both in own area, and in support of a larger entity.
• Proven ability to build strong teams; recruit top talent and develop colleagues at all levels.
• Highly ethical, self-motivated, conceptual manager with a sense of ownership and creative drive to get things done.
• Deep security experience, a believable party with particular depth in one or more key areas, such as IP protection or securing distributed computing environments against insider threat.
• Good understanding of enterprise class technology, having worked with prior in career complex IT infrastructure and applications.
• Collaborative mindset, with ability to achieve creative, win-win solutions.
A strong candidate will also have:
• Demonstrable past working experience in identifying, assessing, and resolving complex information security problems, devising plans to address those problems, and successful execution of those plans.
• Strong interest in and proven track record with challenging assignments.
• Hands-on information security experience specific to the finance industry, point-of-sale systems, eCommerce, SAP, etc.
• Subject-Matter-Expert related to global financial regulatory requirements specific to cybersecurity, information technology, data privacy and legal compliance, i.e. PCI, GLBA, FRB, etc.
• Additional certifications such as CISA, CISM, CRISC, CPP, CFE.
What You’ll Get
At our company, you are empowered to create a career that will take you to where you want to go. Here, you'll enjoy the freedom to explore new projects, the support to think outside the box and the advanced tools and technology that foster innovation and achievement. We offer comprehensive relocation and reward packages to help you get started on your new career path. Click here to find out more about our Total Rewards Package.
Can you imagine the challenge of a lifetime and a rewards package that makes it all worthwhile?
The information contained herein is not intended to be an exhaustive list of all responsibilities and qualifications required of individuals performing the job. The qualifications detailed in this job description are not considered the minimum requirements necessary to perform the job, but rather as guidelines. Our company is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to, among other things, race, religion, color, national origin, sex, age, sexual orientation, gender identity, status as a protected veteran, or status as a qualified individual with disability.
