The Security Architect is a key member of the Technology Governance Risk and Controls (TGRC) Security Architecture team which is responsible globally for both security architecture and Cargill’s Cloud Security Program.
This position will leverage their security, architecture, and dev/ops experience to manage risk for both cloud and on premises environments using innovative solutions that you create. The ability to develop reusable security architectures, create working prototypes, and partner with application teams to reduce risk will demonstrate success. Create risk mitigation through the development of detective, responsive, and preventative security controls that implement security architecture. Use big data technologies such as machine learning and visualization technologies to communicate compliance and alert risk. Use threat modeling and pen testing techniques to inform security architecture and security controls. This position will operate in an agile team environment so close collaboration with the team is valued.
Responsibilities include but are not limited to: developing security reference architectures, developing POC’s of security API’s and detective controls using serverless and other hosting technologies, apply pen testing concepts to enable test suites, and work with other teams in TGRC and across Cargill as a security advisor for key initiatives. Success will be measured by enabling teams to implement a secure application environment that allows these teams to automate development lifecycle and operate in an agile manner.
· Develop and leverage security knowledge to provide secure reference architectures that drive security controls to Cargill’s cloud and on premises environments.
· Lead Application Risk Management security architecture assessments for key applications.
· Develop and leverage your understanding of penetration testing to insure security controls are tested, comprehensive, and robust.
· Collaborate with other teams within TGRC, Digital Labs, and Cargill Businesses to automate security and enable their success by providing a secure compute environment.
· Considered an SME in two or more of the following areas: Cloud, Secure Software Development Lifecycle, Penetration Testing, Mobility, Identity & Access Management, Network security.
· Write high quality testable code that enables risk mitigation and alerting using CI/CD and secure SDLC.
· Develop and leverage security knowledge to provide detective, responsive, and preventative security controls to Cargill’s cloud and on premises environments.
· Align information security objectives to external regulations, E.g. privacy, etc.
· With colleagues, lead the definition, creation, and maintenance of key metrics and reporting on risk, capabilities, and compliance.
· Provide on call support coverage for security tools and controls per on call rotation.
· With colleagues, own the effort Insure bugs are engineered out of the environment, keeping security controls running, eliminating business impact and after-hours support.