A mutually rewarding experience.
Work. Realize your ambitions. And realize there's more to being in business than just making a profit. That's the Mars philosophy. And the opportunity we offer every one of our Associates. An opportunity to take what you do and make it mean more for you, for those around you and for the planet. What you get here is challenging, interesting work. You get the tools you need to do a great job and you get to have the best possible people on your side to help you do it. And at the same time as getting to find ways to do business better today than we did it yesterday and driving a great career, you also get to build a more enlightened business and drive sustainability.
Because it's never just about a single person, a single project or a single brand. It's about how you can grab everything that's within your reach here and use it to pursue mutual, long-term gain. It's about having ideas. And ideals. Being prepared to risk failure because the promise of success means we'll all be a little better off. It's that mix of integrity and ambition that makes Mars such a special place to work. And why working here is always about more than just a job.
About Mars, Incorporated
Mars is a family-owned business with more than a century of history making diverse products and offering services for people and the pets people love. With almost $35 billion in sales, the company is a global business that produces some of the world's best-loved brands: M&M's, SNICKERS, TWIX, MILKY WAY, DOVE, PEDIGREE, ROYAL CANIN, WHISKAS, EXTRA, ORBIT, 5, SKITTLES, UNCLE BEN'S, MARS DRINKS and COCOAVIA. Mars also provides veterinary health services that include BANFIELD Pet Hospitals, Blue Pearl, VCA and Pet Partners. Headquartered in McLean, VA, Mars operates in more than 80 countries. The Mars Five Principles Quality, Responsibility, Mutuality, Efficiency and Freedom inspire its more than 100,000 Associates to create value for all its partners and deliver growth they are proud of every day.
The role will entail leading security architecture for one of the business segments globally. The security architect will leverage security architecture standards and frameworks to provide security guidance to the business partners and project teams from a specific business segment with goals of maturing and improving overall security posture of the segment and cultivating a segment-wide culture of securityawareness. The role also requires the Senior Security Architect to assess existing or new/ emerging technologies to identify security threats, tailoring requirements, and providing recommendations to help integrate security controls.
Partner with stakeholders from the business segment globally on all the projects and initiatives to apply security architecture requirements, develop solutions, integrate security into solution designs, assess security risks/ gaps, and develop architecture recommendation.
Serve as lead or technical expert on specific areas to define and maintain the architectural frameworks/patterns, processes, standards and guidelines related to systems, business or data architecture.
Perform gap analysis across the organization to identify unnecessary complexity in existing processes and procedures; work with service and application owners on mitigation strategies.
Educate the business and IT stakeholders of the business segment on the security architectural frameworks/patterns, processes, standards and security guidelines related to systems, business or data architecture.
Provide security review/ consulting for project teams or other stakeholders within the business segment to help Influence the overall architecture direction of IT systems and applications and ensure the confidentiality, integrity and availability of the information is protected.
Provide input to the development of the methodology/ framework for providing consistent and repeatable security architecture guidance by working alongside the security architects supporting other business segments.
Assist with defining, developing and incorporating security requirements mandated by global/ regional industry regulations such as GDPR, PCI DSS, etc. in to information security standards and architecture recommendations.
Conduct studies of new technologies to provide more efficient and cost effective solutions. Research and recommend tools to help manage security technology capabilities and processes for the specific business segment.
Develop and conduct presentations to architects, project teams and leaders on complex security topics and be comfortable in explaining in a very simple business oriented language along with their business benefits.
Manage security incidents that cross multiple departments in the organization.
Context and Scope:
Partner with internal MIS and Segment/Functional stakeholders on all assigned projects and initiatives
May join other initiatives as a team member representing Security standards/frameworks/processes
To perform the role, must have strong analytical skills and deep security subject matter expertise across platforms
Exercise critical thinking in identifying external trends in information security threats and correlating to internal activity
Ability to work with minimal supervision
Excellent communication skills and ability to work with business segment teams across all the regions to ensure fast and appropriate action is taken when a breach is identified
Possess deep cyber security expertise to be credible to organization when making recommendations and driving change
Experience across various security domains, which include:
Perimeter network security: firewall, IDS/ IPS, WAF, DDoS mitigation, etc.
Data security: encryption, key management, data masking, etc.
Identity & Access Management: User authentication/ authorization, de-provisioning, access review, etc.
Privileged access management: password vaulting, session management, access review, etc.
Application & Integration security: Secure SDLC, static/ dynamic testing, web service/ API security, etc.
Server and endpoint security: Anti-malware, Host IPS, Host Firewall, File Integrity Monitoring, etc.
Logging/ monitoring, SIEM integration and Incident Response
Cloud, Mobile & Digital security
Industrial control security (ICS)
Security for new and emerging technology areas such as AI, etc.
Education & Professional Qualification:
University degree (engineering/IT/computer science) or equivalent work experience
Certifications such as CISSP, CISSP-ISSAP, etc.
Minimum of 5+ years in several security functional areas
Solid knowledge and understanding of securing all major operating systems
Information analysis and insight generation
Mars is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. If you need assistance or an accommodation during the application process because of a disability, it is available upon request. The company is pleased to provide such assistance, and no applicant will be penalized as a result of such a request.