Basic Qualifications and
The Security Developer will be a key member of the Technology Governance Risk and Controls (TGRC) Security Architecture team which is responsible for both security architecture and our companies Cloud Security Program, an initiative to secure all managed cloud platforms globally.
80% Developer - Development, Testing, and Analytics
• Write high quality testable code that enables risk mitigation and alerting.
• Develop and leverage security knowledge to provide detective, responsive, and preventative security controls to cloud and on premises environments.
• Develop and leverage your understanding of penetration testing to insure developed security controls are comprehensive and robust.
• Enable a continuous compliance framework using developed security controls.
• Work with other teams within TGRC, Digital Labs, and Cargill Businesses to automate security and enable their success by providing a secure compute environment.
• Enable the adoption of innovative technologies (Cloud, Mobility, and Big Data, etc.) by enabling an integrated security architecture.
• Collaborate with team in an agile working environment both in the office and remotely.
• Coordinate remediation activities.
• Consult and collaborate with other teams to provide expertise on security best practices.
• Consult and address enterprise and application risk by ensuring security is built into our environment.
• Provide documentation, consulting and training where appropriate on security to other teams.
• Collaborate with Technology Risk Managers and Risk Analysts on technology risks, gaps, reviewing Risk Watch, audit issues, and emerging risk areas to provide solutions for enterprise risk themes.
• Provide policy analysis and alignment with business practices and processes.
• Considered a SME in one or more of the following areas: Cloud, Secure Software Development Lifecycle, Penetration Testing, Mobility, Identity & Access Management, Network security.
• Contribute to definition and maintenance of security architecture and cloud security related polices and standards.
• Monitor and align information security objectives to external regulations, E.g. privacy, etc.
• Production of metrics and reporting, risk, capabilities, dashboard, compliance.
• Provide on call support coverage for security tools and controls per on call rotation.
• Apply your development skills to insure bugs are remediated and engineered out of the environment, keeping security controls running and minimizing after hours support.
Required Skills and Experience
• Bachelor's degree in relevant area (e.g. Computer Science, Computer Engineering, Electrical Engineering, etc.)
• 10+ years of IT work experience.
• 1+ years security experience
• 1+ years software development experience
• Demonstrated experience in independently managing priorities & workload
• Demonstrated experience moving from concept to implementation quickly and effectively.
• Working knowledge and experience with Cloud (i.e. O365, AWS, Azure) design principles and security architectures.
• Demonstrated customer focus and strong interpersonal skills.
• Demonstrated initiative and drive to solve complex development and security challenges.
• Demonstrated ability to influence, adapt to adversity, and drive for results (resilient)
• Effective communication and teaming skills.
• 1+ years DevOps or SecOps experience
• 1+ years working with public cloud platforms such as AWS and Azure.
• 1+ years pen testing experience.
• Working knowledge of security technologies such as Next-gen FW, PKI, SIEM, access control, DLP, DRM, IPS, etc.; and how security technologies support an overall security program.
• Demonstrated knowledge of modern federated identity management and access control.
• Demonstrated professional experience working in an agile team environment.
• Industry security and cloud certifications (i.e. CCSP, CISSP, CEH, AWS/Azure)