• IT Security Operations Manager

    Location US-PA-Philadelphia
    Job ID
    2018-8633
    # Positions
    1
    Category
    Information Technology
    Type
    Full Time
    Relocation Eligible
    No
  • Company Overview

    FMC Corporation is a leading specialty company focused on agricultural technologies. FMC provides innovative and cost-effective solutions to enhance crop yield and quality by controlling a broad spectrum of insects, weeds and disease, as well as in non-agricultural markets for pest control.
     
    FMC is a globally diverse organization that offers its employees exciting opportunities to work on challenging projects that are important to the achievement of our strategic objectives. Your education and professional experience are valued and put to use from day one. Your success at completing key initiatives can result in a varied, progressive and fulfilling career with FMC.
     
    With a corporate culture of innovation, integrity, responsibility and customer intimacy, we foster “The Right Chemistry” in everything we do. We are looking for people to join us in creating, developing, and improving our products, our processes, and our markets.  If you are ready to make a difference every day, FMC is ready to talk to you.

    Overview

    The Information Security Operations Manager is responsible for providing technical leadership, while securing all IT infrastructure operations at company sites and datacenters worldwide, including:

    1. Network security, application security, and end-point security;
    2. Vulnerability management, incident response and IT compliance (SOX, GDPR etc.);
    3. Security design and management including monitoring/auditing; creating, and implementing IT Security Infrastructure upgrades, new security mandates, and new business driven infrastructure.

    Responsibilities

    • Ensure the confidentiality, integrity and availability of data and applications across FMC estate.
      • Manage the day to day operations of a global team of IT Security professionals, including personnel training, development, mentoring and coaching.
      • Work with IT Security & Compliance Director and IT Operations Director in the definition, design and implementation of defensive, detective and preventive processes, procedures, best practices and instrumentation around the perimeter, end-point and application security.
      • Work with the IT Team(s) to ensure infrastructure and applications are appropriately secured and implement information security defense architecture, solutions, tools and automation for the continuous protection of our corporate systems and information assets.
      • Define and document the system security requirements and hardening standards for the infrastructure and application stack.
      • Work with stakeholders to identify and recommend best-fit solutions to address security technology requirements, and lead implementations where appropriate. Examples include but are not limited to: IDS/IPS, SIEM, HIDS, FIM, Vulnerability Scanners, Web Application Firewalls, Threat Monitoring and Detection, Privileged Access Management, DNS Security, etc.
      • Prepare security metrics for senior management.
      • Participate in product selection, vendor evaluations, and implementations of security technologies on premise and in the cloud.
      • Security strategist with the ability to research and recommend security enhancements and innovations to the business.
      • Manage security assessments on company’s internal and customer-facing systems.
      • Perform security gap assessments, generate comprehensive reports and recommendations on the security risks and vulnerabilities.
      • Act as the Incident Response Lead and manage the Information Security incident response day to day operations. Develop tactical response procedures to respond and investigate security incidents in a timely manner.
    • Work with IT Compliance Manager to update the IRP (Incident Response Plan) and plan annual incident response table top exercise.

     

    • Lead architecture and design of application security on premise and in the cloud.
    • Perform application vulnerability assessments and partner with IT Compliance to oversee the Vulnerability Management Program.
    • Manage technologies and services in the Identity Access Management space, including Single Sign-on and Access Provisioning.
    • Partner with Director of IT Security & Compliance to align security to audit and compliance requirements.
    • Partner with Global Network team to make intelligent decisions in the firewall technology space and participate in the overall configuration design process.
    • Develop and communicate firewall security policy standards for the enterprise.
    • Develop and manage IT Security budget.

     

    Management and soft skills

    • Excellent customer service and communication skills.
    • Business acumen competency to understand requirements of internal and external customers.
    • Ability to work within a global enterprise group.
    • Ability to lead a global team with the ability to effectively mentor and train team members.
    • Ability to solve problems and troubleshoot complex issues.
    • Ability to work effectively as an individual and as part of a team.
    • Ability to develop and maintain strong peer professional relationships.
    • Ability to maintain composure.
    • Ability to maintain confidentiality and work effectively with all levels in the organization.
    • Excellent communication skills and ability to document and explain technical details clearly and concisely.
    • Strong disposition to work and communicate effectively across cross functional teams within the Enterprise, peering with relevant SME’s and groups to position for success.

    Required Education

    Required Education/ Certifications

    • B.S. degree in Computer Science or related field.
    • CISSP, CISM, security certifications.
    • Experience with security tools, such as vulnerability scanning tools, intrusion detection tools, and exploit toolkits.
    • Experience implementing and maintaining Identity Access Management required (Sailpoint a plus).

    Qualifications

    Qualifications:

    • Minimum 7-10 years work experience as an Information Security Manager, Technology Leader.
    • Minimum 5 years experience managing Information Security personnel.
    • Experience with developing information and systems security strategies at global, multinational Fortune 1000 companies required.
    • Expert knowledge and prior experience with industry frameworks and standards like NIST 800-53, ISO27001, GDPR, SOC2, HIPAA.
    • Thorough understanding of the current threat and attack landscape, latest security trends and service offerings in the marketplace.
    • Experience in the evaluation of cloud based offerings such as Infrastructure as a Service and Software as a Service (IaaS and SaaS).
    • Demonstrates a strong working knowledge of networks, servers, workstations, and operating systems.
    • Extensive knowledge of cloud security technologies, their design, deployment and interoperability across the cloud stack.
    • Extensive knowledge in DNS security.
    • Demonstrated experience managing security technologies including: next generation firewalls, DMZ networks, intrusion detection systems, content filtering, personal firewall software, VPNs, and PKI.
    • Hands-on experience in deploying and administering security tools and appliances - creating policies, tuning, log analysis, troubleshooting and diagnosing problems.
    • Familiarity with securing web related technologies (Web applications, Web Services, APIs, Service Oriented Architectures).
    • Maintains a strong knowledge of security best practices.
    • Experience with Security Audits and Assessments.
    • Experience with Enterprise Security Design, Configuration, and Installation.
    • Experience developing written security policies and procedures.
    • Demonstrated project management experience.
    • Experience with Fortinet firewalls a plus.

    EEO Statement

    At FMC, diversity and inclusion are in our DNA. We are proud to be an Equal Opportunity Employer with a commitment to creating an inclusive workplace where all employees can thrive – regardless of race, gender, sex, pregnancy, gender identity and/or expression, sexual orientation, national origin or ancestry, citizenship status, color, age, religion or religious creed, physical or mental disability, medical condition, genetic information, marital status, military or veteran status, or any other basis protected by federal, state or local law. FMC also supports employee participation in company employee resource groups that celebrate the diverse backgrounds of our workforce by providing communities for employees to connect with each other and raise awareness throughout FMC.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed