IT Information Security Office (ISO) Manager

CHS has an exciting opportunity in our Information Technology group. We are seeking an Information Security Office (ISO) Manager to play a key role in the evolution of our information security culture, governance and program growth. This role is an integral part of the overall information security program and an exciting opportunity to build the foundation for a maturing CHS information security program. You must have excellent communications skills, both written and verbal, ability to work creatively and analytically in a problem solving environment with an eagerness to lead through change.
You will:

  • Lead the CHS information security office team and program to enable transformational activities related to security awareness, compliance, vendor risk management, incident management and technology evolution that will continue reducing risk around CHS information assets.

  • Ensure timely delivery of Information Security roadmap objectives by internal teams.

  • Coordinate IT Risk Committee meeting topics in partnership with the CISO, coordinate PCI Committee meetings and coordinate PCI assessment activities.

  • Organize and address work efforts associated to CFTC (CHS Hedging regulations), Privacy and SOX control evaluation and testing.

  • Partner closely with IT security and operations teams including project managers, business stakeholders, third party providers and other key stakeholders to initiate, plan and manage the overall program status including reporting, metrics and governance.

  • Collaborate across the enterprise and tell the story behind our security goals and requirements. Develop relationships to manage expectations and agree on clear goals, objectives and timelines.

  • Cultivate and promote a strong safety culture and follow all safety policies, procedures and regulations. Identify and communicate workplace hazards and correct or seek assistance in correcting unsafe actions or conditions.

Basic Qualifications (required)

  • Bachelor's degree preferably in Information Technology, Computer Science/Engineering or Project Management

  • CISSPĀ , CISMĀ or Security+ Certification

  • 10 plus years of related experience managing implementations of large, complex projects with multi-million dollar budgets to include:

    • 6 years managing enterprise level IT security analysts and implementing a broad array of information security project efforts

    • Payment Card Industry standards and delivering to requirements in a retail environment

    • Understanding of common protocols used on the Internet with the ability to identify security pitfalls and proper usages for these protocols

    • Understanding of handling mergers, acquisitions, business consolidations and divestitures in a large architecture footprint

    • Procurement of IT services and managing risks associated to vendor relationships in different geographical locations

  • Experience in DevOps or agile delivery models

  • Experience with infrastructure, architecture, cloud computing and vendor access

Preferred Qualifications (desired)

  • Master's in Information Technology, Project Management, Computer Science or Business Administration

  • PMIĀ PgMPĀ certification

  • Experience with security architecture, modeling, audit, compliance, remediation and testing tools

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.