Ventura Foods is a leading global manufacturer of branded and custom food products that proudly helps food providers in the U.S., Canada and more than 60 other countries earn a special place on consumers’ tables. We do this by continually crafting custom dressings, sauces, mayonnaises, and other food solutions that exceed people’s expectations for great-tasting flavors and high-quality ingredients.
Headquartered in Brea, California, Ventura Foods operates 14 manufacturing facilities, 3 culinary centers, and numerous distribution centers across North America. When you work in our manufacturing and distribution facilities, you get a strong foundation of training, a manager who cares about you and celebrates your success, a safe environment, and challenging work. As part of our team, your future is limited only by how much you’re willing to push yourself to get there. We invest in your growth, because you invest in ours.
The Information Security Manager position is a member of the ITS Infrastructure team. The position is responsible for the overall direction and management of the Information Security Program within Ventura Foods. The Information Security Program helps ensure the confidentiality, integrity, and availability of Ventura Foods IT assets.
Major Duties and Responsibilities:
- Governance - Develops information security program strategies and roadmaps; develops and maintains information frameworks (e.g., NIST Cyber Security Framework), security policies, procedures, and standards; defines information security roles and responsibilities.
- Access Management - Develops and oversees access management processes, including user provisioning; manages and directs access management staff; develops and maintains Identity and Access Management (IAM) architecture, technology/tools, and automation; develops, implements, and maintains privileged account management control processes and technologies (e.g., CyberArk).
- Network Security - Develops and maintains network security architecture; oversees and directs network security staff and coordinates with network operations team members to implement network security architecture; ensures the secure configuration of network devices (routers, switches, firewalls, VPNs, access points, etc.); oversees email security technologies and configurations; assesses, designs, and coordinates with network security, network operations, and plant engineering staff to ensure the security of Industrial Internet of Things (IIoT) & plant Operational Technology (OT) network and related devices.
- Endpoint/Host/Domain/Cloud Security - Develops and maintains endpoint, host, Active Directory Domain, and cloud security architectures; oversees and directs security staff and coordinates with IT Infrastructure and Applications team members to implement related security architectures; ensures the secure configuration of endpoint, host, domain, and cloud devices and environments (Windows endpoints, Windows/Linux servers, Active Directory domain, Azure, O365, etc.); oversees related protection technologies (e.g., Palo Alto Cortex XDR).
- Application Security - Develops application, database, and web security standards and requirements; works with Applications team members to assess system security risks and provides guidance to improve systems security posture.
- Monitoring & Incident Response - Develops and maintains comprehensive security event/incident monitoring capabilities and related technologies (e.g., IBM QRadar); develops and maintains a cyber security incident response plan and acts as overall incident response team leader; oversees managed security services providers (e.g., Virtual Armour, Endpoint Armor, Mandiant, etc.) and coordinates related activities.
- Risk Management & Compliance - Develops, maintains, and performs IT risk assessments and related methodology; acts as IT audit liaison for internal and external IT audits; develops and maintains continuous monitoring and cyber security metrics processes (e.g., BitSight); oversees vulnerability and patch management processes and related technologies (e.g., Qualys, BigFix, etc.); develops and leads security awareness and training program and related technologies (e.g., Proofpoint/Wombat); develops, implements, and maintains data protection strategies, processes, and technologies (e.g., Microsoft Information Protection); develops and performs third-party/vendor cyber risk management processes.
- Projects - Leads IT security projects and participates in IT business projects to ensure security requirements are defined and addressed to minimize risk.
- Administrative Functions - Planning; budgeting; time tracking; personal training; staff supervision, performance evaluations, and mentoring; etc.
Education and Experience:
- Bachelor's degree in information security or related field
- 8+ years of information security-related work experience, including at least 2 years in a management level position
- One or more of the following security certifications:
  - Certified Information Systems Security Professional (CISSP)
  - Certified Information Security Manager (CISM)
  - Certified Ethical Hacker (CEH)
  - SANS GIAC GSEC, or similar.
Knowledge and Skills:
- Strong working knowledge of information security frameworks and controls (e.g., NIST CSF, ISO2700x, NIST 800-53, etc.)
- Strong working knowledge of networking concepts (TCP/IP, OSI model, architectures, routing, segmentation, etc.)
- Strong working knowledge of network security devices (e.g., firewalls, proxies, access points, virtualization, cloud security, etc.)
- Strong working knowledge of data protection methodologies and technologies (e.g., encryption, SSL/TLS, certificate authorities, DLP, etc.)
- Proven ability to lead large-scale technical projects with assigned technical personnel to successful completion
- Strong working knowledge of application security concepts and technologies
- Strong working knowledge of endpoint security and Active Directory security concepts and technologies
- Strong working knowledge of risk assessments and vulnerability/patch management
- Excellent verbal, writing, and people skills
- Good time and work management skills including multi-tasking
Preferred experience, technologies, and skills:
- Palo Alto firewalls and VPN
- Palo Alto Cortex EDR endpoint protection
- Azure Active Directory, Office 365, Microsoft/Azure Identity and Access Management, Microsoft Information Protection, CASB
- Proofpoint Email Security
- Proofpoint/Wombat security awareness and training
- AS/400, JD Edwards ERP
- CyberArk privileged account management
- OWASP, DAST/SAST
- SIEM IBM QRadar, forensics
- Qualys, BigFix, Microsoft Endpoint Manager/Intune
- Operational Technology (OT), Allen Bradley, SCADA, ICS, DCS, HMI, Purdue ICS model, Internet of things (IoT), etc.
Ventura Foods is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.