Manager, Identity and Access Management (Remote) in Marysville, OH at ScottsMiracle-Gro

Date Posted: 6/18/2022

Job Snapshot

Job Description

Here at Scotts Miracle-Gro there is no such thing as a typical day.  Our culture is constantly energized by new and exciting growth opportunities and at a rapid pace.  Every Associate plays an important role in providing innovative solutions for today’s gardeners and growers and contributing new ideas to improve operations. In our company you need grit, it is what we were founded on over 150 years ago and is what keeps us growing. Regardless of your level in the organization there is a platform for your voice to be heard and the ability to influence change. Family, community and hard working values are weaved into all that we do. Come grow with us, where we develop and nurture the next generation of leaders. ​

We are looking for a Manager, Identity and Access Management who will join our Scotts team remotely.

The confidentiality, integrity and availability (security) of Scotts’ information assets and IT resources, as well as the adherence to laws and contractual obligations regarding information processing, is critical to its mission. This position plays a material role in protecting these assets from events that may have a significant negative impact to the Company and its shareholders.

What you’ll do in this role:

  • Presents security concepts, technologies and improvement plans to broad audiences including Executive Leadership and Business Information Security Committee.

  • Attest compliance with government regulations to internal audits as appropriate

  • Help drive department financials; including accruals, forecasting, and budgeting related to area.

  • Direct the team on integration activities stemming from mergers/ acquisitions/ divestitures, ensuring a seamless IAM process during and after the transition.

  • Make risk-based decisions/recommendations when deviations from standards are required, including recommendations on compensating controls.

  • Facilitates the use of technology-based tools or methodologies to review, design and/or implement products and services to provide a strong IAM program that balances access with compliance and confidentiality.

  • Understands business and information technology management processes and demonstrates advanced understanding of business processes, internal control risk management, IT controls and related standards.

  • Work with the CISO to develop a security program and security projects that address identified risks and business security requirements.

  • Develops and maintains security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.

  • Drive continuous improvement by drafting security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the chief information security officer (CISO).

  • Manage the design and implementation of cloud-centric controls across the organization; including emerging environments, and legacy systems.

  • Continually advance the use of the company standard SSO solution, and adoption of Multi Factor Authentication across the organization.

  • Provide leadership to departmental team members around building, maintaining, and running identity management platforms and associated solutions.

  • Lead a cross-platform team for user access provisioning (Windows, SAP, *NIX), and ensure systems/processes remain compliant with all corporate and government regulations.

  • Develop associates by providing timely feedback, coaching, and guidance.

  • Develop team members ability to anticipate obstacles, and plan for contingencies.

  • Leads team members to determine security requirements for business processes and technology systems based upon generally accepted risk analysis methods, functional and performance requirements, information security architecture principles, and market-leading solutions.

  • Ensure team members maintain up-to-date knowledge and understanding of information security threats, vulnerabilities, practices, principles and technology solutions.


Supervision Exercised

  • Direct Supervision of Information Security IAM team, including approximately 8 full time associates that may vary over the period.  Direct supervision of consulting or other third party project resources that will range in numbers from 0 to 15, depending on the project.

  • This position is expected to influence and gain alignment with people at all levels in the organization on matters that are related to Information Security.

What you’ll need to be successful:

  • Proficient in information security frameworks, practices and principles (e.g. ISO 27X, COBIT,NIST, SANS TOP 20, OWASP TOP 10, GAPP, etc.) and proficient in creating and implementing metrics to measure and drive high performance referencing such frameworks

  • Expert level knowledge and hands-on experience in one or more specific technical areas (e.g. network security, web security, anti-virus/anti-malware, data loss prevention, identity & access management, cryptography, application security, threat and vulnerability management, security event monitoring, incident response, forensics, etc.) that enable the individual to serve as the highest level resource in that area within the organization.

  • Experience with administrating authentication technologies, such as Microsoft Active Directory/Windows authentication, OpenLDAP, Kerberos, OpenID Connect, OAuth, SAML, SCIM, privileged access management, and federated identity management.

  • Expert understanding of IAM concepts, including federation, authentication, authorization, role-based access control, access controls, identity and access provisioning life cycle, and attacks against identity, authentication, authorization and auditing.

  • Proficient in developing use cases, evaluating alternative solutions, cost justification, recommended solutions, and comprehensive deployment plans

  • Proficient in generally accepted change, problem and incident management principles (e.g. ITIL)

  • Working knowledge of IT-related laws and compliance mandates (e.g. Sarbanes Oxley 404, PCI DSS, HIPAA/HITECH, Personal Information Privacy).

  • Strong analytical, problem solving and conceptual skills to identify and deliver high performing solutions.

  • Strong verbal and written communication skills, with an ability to express complex technical concepts in understandable business terms.

  • Proficient in project management principles, and ability to deliver high quality solutions on time and within budget.

  • Strong interpersonal skills with the ability to work on cross-functional project teams and foster team commitment to tasks as well as collaborate with Business partners.

  • Has the ability to interface with, and gain the respect of, stakeholders at all levels and roles in the company.

  • Has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity.

  • Bachelor degree in Computer Science or related field, OR equivalent combination of education and/or experience

  • CISSP, CISM, GIAC or other relevant information security certifications are desired

  • 5 or more years of related work experience

Competencies:

  • Problem Solving & Analysis

  • Business Acumen

  • Communication & Leadership

  • Relationship Building

  • Creativity & Innovation

  • Influence & Organizational Savvy

  • Planning & Organizing

What we do for you (just to list a few cool ones):

  • Offer extremely competitive benefits including Health, Dental and Vision coverage.

  • 401K match (up to 7.5%). No waiting period on vesting or match.

  • Discounted stock purchasing program (15% discount).

  • 13 paid holidays and a generous vacation policy.

  • Fitness Club Reimbursement ($350)

  • Nutrition reimbursement program (up to $200 per associate and per spouse)

  • Our commitment to diversity and inclusion includes employee resource groups: Scotts Women’s Network, Scotts Black Employee Network, Scotts Veterans Network, GroPride Network, Scotts Associates for a Greener Earth (SAGE), TREE (Together Respecting, Empowering, and Encouraging Families) and Scotts Young Professionals

Here at ScottsMiracle-Gro, we believe providing an enriching and engaging employee experience is what sets us apart from other organizations. We recognize our employees are so much more than just their job title so we offer programs and benefits that support them in all aspects of their lives. Wondering how we do it? Below is a glimpse of our highlight reel…

  • Our Live Total Health program provides you with options to align to your personal needs.  Selections range from medical, dental and vision coverage for you, your spouse/domestic partner and dependents to an outstanding wellness reimbursement program to an unbelievable 401K match (up to 7.5%) as well as a 15% discount on company stock and much more

  • We know our talent is our most precious asset and your unique development contributes to our organization’s success now and in the future.  Career growth at our company is not always a ladder.  It’s much more like a rock climbing adventure.  Grow through exploration and experiences rather than a predictable linear path.

  • We value the importance of family. We provide access to Maven Family Planning and up to $30,000 to accommodate for adoption, fertility and surrogacy.

  • Be part of something bigger by joining one of our Employee Resource Groups focusing on diversity and inclusion, family, education and sustainability: Scotts Women’s Network, Scotts Black Employees’ Network, Scotts Veterans’ Network, Scotts Young Professionals, Scotts Pride Network (GroPride), Scotts Associates for a Greener Earth (SAGE), Scotts Family TREE and our Associate Boards.

  • Join a company with a strong belief in giving back to the communities where we live and work.  We have a shared passion for service and volunteerism and believe participating in community service benefits our communities and strengthens our team. 

Not interested in this role? Stay up to date on future opportunities by joining our ScottsMiracle-Gro and Hawthorne Gardening talent communities.

Scotts is an EEO Employer, dedicated to a culturally diverse, drug free workplace.

EEO/AA Employer/Minority/Female/Disability/Veteran/Sexual Orientation/Gender Identity

Notification to Agencies:

Please note that the Scotts Miracle-Gro company does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Master Service Agreement, and specific approval to submit resumes to an approved requisition, the Scotts Miracle-Gro company will not consider or approve payment regarding recruiter fees or referral compensations.