Senior Analyst - Cybersecurity (Risk Management & Compliance)

Wymagania: - Bachelor’s and Seven (7) years or more of related experience - 5+ years of experience in GRC, risk management and/or policy management - 5 years of experience in risk assessment, IT policy, compliance requirements - 5 years of experience with RSA Archer or other GRC Tools/Platform - Strong understanding of cybersecurity frameworks, regulatory compliance standards, and enterprise risk management practices - Excellent communication skills in English (B2+ or higher) and ability to collaborate across functions and geographies O firmie: - Sysco is the global leader in selling, marketing and distributing food products to restaurants, healthcare and educational facilities, lodging establishments and other customers who prepare meals away from home. Its family of products also includes equipment and supplies for the foodservice and hospitality industries. With more than 71,000 colleagues, the company operates 333 distribution facilities worldwide and serves approximately 700,000 customer locations. For fiscal year 2022 that ended July 2, 2022, the company generated sales of more than $68 billion. Information about our Sustainability program, including Sysco’s 2022 Sustainability Report and 2022 Diversity, Equity & Inclusion Report, can be found at www.sysco.com. Zakres obowiązków: - This position is an experienced level, hands-on Senior Analyst Cyber Risk Management & Compliance, performing IT security functions and maintaining systems, while providing technical guidance to the team - The GRC analyst will be responsible for leading the day-to-day cyber compliance, data governance, and cyber risk management functions - The role will include responsibility for defining, creating, and managing cyber and organizational policies and standards in support of legal and regulatory compliance including PCI, NACHA as well as general cyber and organizational information security practices - The Senior analyst will participate in process improvements to the RSA Archer Platform - Collaborate with stakeholders, business analysts, process leaders, and architects in interpreting requirements and configuring them into software platforms - Execute cybersecurity risk assessment and control attestation processes in GRC - Participate in the development and implementation of the system-wide risk management function of the information security program to ensure cyber security risks are identified and monitored - Participate in the system-wide information security compliance program, ensuring cyber activities, processes, and procedures meet defined requirements, policies and regulations - Monitor, track and manage Cyber Findings, Exceptions and Issue tracking along with reporting them to respective teams - Candidate should be able to provide GRC guidance and interpretation of rules, regulations, risks, and best practices - Ability to trouble shoot, identify, analyze and mitigate GRC related risks in existing processes, policies and procedures - Review control effectiveness evidence to assess the quality and effectiveness of the implemented controls - Document residual risk. - Prepare and communicate operational metrics and trend analysis for the Cybersecurity Leadership Team