Sr. Manager, Information Security

Reporting directly to the Sr. Director of Information Security, the Senior Manager of Information Security plays a critical role in supporting security initiatives across the organization.

You will support the Sr. Director on various initiatives, strategy execution and budget management. You will act as the bridge between the cybersecurity team and various business segments.

You’ll be a trusted advisor to both security and business stakeholders to ensure security practices are embedded across the organization.

You’ll be responsible for working with other IT Delivery Leads and Analyst assigned to other business segments to understand priorities and support to spread the program further.

Additionally, you will be supporting the Sr. Director as a Digital Business Partner Liaison for Legal. You will be responsible for identifying changing needs, assessing the impact of the change, capturing and documenting requirements and then ensuring that those requirements can be delivered by IT.

You will also serve as the primary lead for Identity and Access Management (IAM) program development and oversight which includes leading the design and implementation of the IAM ensuring compliance with IAM policies and standards.

Core Responsibilities :

• Planning and execution : Assisting the CISO in developing and implementing the overall cybersecurity strategy, aligning it with the organization's business goals and risk tolerance.
• Project Oversight : Overseeing initiatives ensuring they stay on track, and deliver expected outcomes.
• Research and analysis : Conducting research on emerging cyber threats, industry trends, and best practices, keeping the CISO informed and able to make strategic decisions.
• Budget and resource management : Assisting the CISO in managing the cybersecurity budget, allocating resources effectively, and justifying resource requests to senior management.
• Team coordination : Facilitating communication and collaboration between the CISO and other cybersecurity teams, IT departments, and business units.
• Process improvement : Streamlining security operations, optimizing workflows, and implementing new technologies to improve efficiency and effectiveness.
• Presentations and reports : Preparing and delivering presentations and reports to leadership teams, the board of directors, and other stakeholders, communicating the cybersecurity posture and risk landscape.
• Identify and evaluate security risks and recommend appropriate security controls and solutions, taking into account the trade-offs between security, usability, and cost
• Monitor and evaluate the effectiveness and performance of the security program and solutions, using metrics, audits, and feedback mechanisms
• Digital Partner Support Legal
• Assist in the development and execution of a comprehensive digital strategy and roadmap for the global Legal technology portfolios.
• Identify opportunities to leverage emerging digital technologies and platform best practices to drive innovation, efficiency, and productivity within Legal functions.
• Facilitate the adoption of digital technologies and processes to improve operational efficiency, productivity, compliance, and decision-making.
• Oversee the management and optimization of technology solutions and platforms supporting Legal functions. Major solutions / platforms include I-certis contract lifecycle management solutions.
• Ensure alignment between technology investments and business priorities, optimizing resource allocation and enabling value realization.
• Establish and nurture partnerships with technology suppliers, service providers, and industry experts to understand product roadmaps, and to enhance the company's Legal digital capabilities and innovation ecosystem.
• Manage supplier contracts, ensuring alignment with business requirements, service levels, and cost-effectiveness.
• Assist in innovation and experimentation with emerging technologies such as AI / ML and data analytics to enhance Legal operations and user experiences.
• Performance Monitoring and Measurement
• Assist in defining key performance indicators (KPIs) and metrics to measure the effectiveness and impact of digital initiatives and technology investments within Legal functions.
• Monitor performance data, analyze trends, and provide regular reporting to Business Partners, identifying opportunities for continuous improvement and optimization.

Core Identity & Access Management Responsibilities

• Be the champion for identity access management (IAM), which includes access management, privileged access management (PAM), and identity governance administration (IGA) technologies and processes.
• Oversee execution of IGA processes where appropriate to improve workflow efficiency
• Demonstrate in-depth technical capabilities and professional knowledge in user lifecycle management, identity and directory services, secrets management, and related concepts and technologies
• Work in close partnership with the Information Security Team and the IAM operations team to develop policies and standards for service delivery teams
• Serve as the Subject Matter Expert for core aspects of the IAM program globally
• Create and continuously curate the IAM strategic roadmap by ensuring that small, medium, and large projects align to the vision of how IAM should enforce enterprise controls that combine good user experience and outstanding security.
• Lead the requirements and design process for the entire IAM platform solution. Oversee and provide architecture requirements for all aspects of the SDLC and drive the strategic roadmap by articulating both business and technical requirements.
• Lead design and implementation of complex enhancements or onboard / integrate new applications
• Work with technology vendors on strategic road mapping, resolving product issues, technology evaluations, and design reviews
• Lead and participate in continuous improvement initiatives, identify ways to improve delivery by introducing technology innovations or processes or re-engineering to increase efficiencies of the team
• Meet demands of managing multiple work streams, communicating effectively with senior technology and business leadership, and demonstrate experience leading large and complex projects and global programs.
• Assess and advise on modernizing IAM capabilities and methodologies and project management implications throughout projects' timelines, including development of strategies, readiness assessment, development of training and communications.
• Operate as an advisor for our distributed IAM teams to help them to elect the best solution for resolving the identified / possible technical issues or security threats in the system / infrastructure.
• Define and implement IAM governance framework, policies, and procedures
• Design and develop IAM system architecture, integration, and configuration
• Manage IAM orchestration and automation tools and processes
• Monitor and audit IAM system performance, security, and compliance
• Identify and resolve IAM issues and incidents
• Provide IAM guidance and best practices to other teams and stakeholders
• Research and evaluate new IAM technologies and trends
• Lead and mentor IAM team members and junior staff and managed service providers

Requirements

• Minimum 7 years of experience in information security or a related field.
• 5+ years’ experience in Information Security, including experience with security principles, and identity and access management.
• Bachelors’ degree or equivalent experience.
• Current holder of CISSP, or other industry certifications
• In-depth knowledge of security principles, frameworks, and methodologies (e.g., NIST Cybersecurity Framework, CIS Controls).
• Experience implementing security standards and Privileged Access Management (PAM)
• Advanced operational knowledge of enterprise wide IAM platforms and of authentication platforms
• Excellent communication, collaboration, and interpersonal skills.
• Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
• Ability to translate complex technical concepts into clear and concise language for both technical and non-technical audiences.
• A proactive and results-oriented approach with a strong work ethic.
• Practical experience of defensive and offensive security measures.
• Strong functional understanding of computer networking, building of networks, and all associated components.
• Practical experience leading, documenting and improving security through threat modeling .
• Multiple years of experience in information systems with experience in designing, development and support of complex systems and solutions.
• Practical experience implementing controls supporting NIST, ISO, or other industry standards.
• Ability to set and manage priorities judiciously.
• Ability to present ideas in business-friendly and user-friendly language.
• 5+ years' experience managing IAM in a globally diverse ecosystem
• 5+ years implementing IAM solutions in complex IT (Information Technology) environments
• 2+ years implementing IGA solutions in complex IT environments
• Experience with authentication protocols such as SAML, OAuth and LDAP
• Strong interpersonal skills, including teamwork, facilitation, and negotiation.
• Strong written and verbal communication and presentation skills; must be comfortable and effective communicating with Associates at all levels of organization, in both formal and informal settings
• Strong analytical, planning, and organizational skills
• Preferred Experience
• Advanced technical certificates from Microsoft, SANS, ISC2, ISACA
• Operational knowledge of national and international regulatory compliance frameworks
• Experience in a cloud computing environment (e.g., AWS, Azure, GCP).

Ingredion provides accommodations to job applicants with disabilities throughout the hiring process. If a job applicant requires an accommodation during the application process or through the selection process, we will work with the applicant to meet the job applicant's accommodation needs.

We are an equal opportunity employer and value diversity at our company. Ingredion seeks to provide a work environment that is free from harassment and discrimination.

We will not tolerate any form of discrimination based on race, color, religion, age, gender, gender identity, gender expression, national origin, ancestry, handicap or disability mental or physical marital status, sexual orientation, veteran status, disability resulting from military service, or any other classification protected by law ( protected classifications ).

We are committed to establishing and maintaining a work environment where everyone is treated with dignity and respect.

Relocation Available :