Director, IT Global Security, Risk and Compliance

The Mosaic Company (NYSE: MOS) is the world’s leading integrated producer of concentrated phosphate and potash—two of the three most important nutrients in agriculture. We employ more than 13,000 people in six countries to serve farmers all over the world. Our Headquarters is in Lithia, Florida with operations throughout North America (U.S./Canada) and South America.

The Director, IT Cybersecurity is accountable for establishing and maintaining an enterprise information risk management program to ensure Mosaic information assets are adequately protected. Additional responsibilities will include, but are not limited to, developing security policies, standards, and guidelines; working with business leaders to facilitate IT risk assessments and

identifying acceptable levels of residual risk; managing security incidents and events; and directing security and risk management projects.

Provide work direction to the team as well as timely and constructive feedback to ensure employees have a clear understanding of their work, roles, business goals and performance standards. Manage performance issues when necessary. Develop and coach employees to retain and grow organizational talent.  Support employees in their career development at Mosaic.

What will you do?

•  Lead, develop and coach IT security employees in order to retain and expand organizational talent through focused attention and effort.  Provide timely and constructive feedback on a regular basis to ensure employees have a clear understanding of their work, roles and the business. Manage performance issues when necessary.

• Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company’s reputation. Actively monitor security alerts, advisories, exploits, assessing risk and leading Mosaic teams toward an appropriate response.

• Develop, maintain and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices. Create and management an information security and risk management awareness training program for all employees, contractors and approved system users.

• Work directly with the Mosaic business leaders to facilitate IT risk assessment and risk management processes and work with stakeholders through the enterprise on identifying acceptable levels of residual risk.  Work with external & internal audit on Mosaic IT controls audits. Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls. Direct information security and risk management projects with resources from the IT organization as well as business representatives.

• Develop and implement an enterprise information security and IT risk management program that is aligned with ISO 27001, NIST CSF, and other applicable standards and frameworks via a common control framework. Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection. Work with the Enterprise Architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures.

What do you need for this role?

• Bachelors Degree required, with a major in Information Technology, Business Management, Computer and Information Science, or related field. Masters Degree preferred.

• 10+ years of Information Technology experience required.

• Regulatory and Risk Management experience required

• Sarbanes- Oxley Act (SOX) experience required

• Policy Development knowledge required

• At least one active certification required: Certified Information Systems Security Professional (CISSP) - (ISC)2 or Certified Information Systems Auditor (CISA) - ISACA or Certified Information Security Manager (CISM) - ISACA.

• Project Management Professional (PMP) - PMI preferred

• Advanced in AI Security Management (AAISM) preferred

• Information Technology Infrastructure Library (ITIL) preferred
   

What’s In It for You: 

• An attractive base salary + an annual incentive 

• 11 paid holidays each year 

• 401k with a company match and annual company contributions 

• Paid sick leave for when you need it 

• A robust benefits package which includes Medical, Dental, and Vision insurance 

• Outstanding growth opportunities, both within Mosaic and for your skillset

#LI-KM1