Campbell Company Of Canada - Camden, NJ

posted about 2 months ago

Full-time - Entry Level
Camden, NJ

About the position

Campbell's is seeking a Security Analyst - Risk Management to be a vital part of a cross-functional team of risk analysts. This role will focus on supporting improvements in the maturity of the overall cybersecurity program through the execution of risk assessments both internally at the organization and with third-party vendors to evaluate the risk profile and develop risk treatment plans. The successful candidate will have the desire to deliver high-quality information security initiatives, and the ability to communicate effectively with technical and non-technical audiences. In the Vendor Information Risk domain, the Security Analyst will conduct security assessments of third-party vendors and service providers, review and validate security reports, questionnaires, and evidence from third parties, and identify and track security risks and issues related to third parties. The role also involves recommending and implementing security controls and remediation actions for third parties, maintaining and updating the third-party security inventory and risk register, and preparing third-party risk reports to effectively communicate residual risk to business stakeholders. Additionally, the analyst will review risk assessment workflows in the third-party risk management tool to build new workflows and identify opportunities to increase automation and incorporate Artificial Intelligence into the program. In the Information Technology Risk Management area, the analyst will support the Cyber Risk and Awareness department in the ongoing execution of the Cyber Risk Management program. This includes partnering with business teams to identify, document, assess, and mitigate existing and emerging cybersecurity risks based on the sensitivity level of data in use, control of the data internally and externally, and unique needs of the business unit. The analyst will perform cybersecurity risk assessments of internal systems and processes, support the development and maintenance of security policies, standards, and procedures, and monitor and report on security metrics and key performance indicators. Participation in security awareness and training initiatives, researching and staying updated on emerging security trends and best practices, and identifying and tracking risk issues are also key responsibilities.

Responsibilities

  • Conduct security assessments of third-party vendors and service providers.
  • Review and validate security reports, questionnaires, and evidence from third parties.
  • Identify and track security risks and issues related to third parties.
  • Recommend and implement security controls and remediation actions for third parties.
  • Maintain and update the third-party security inventory and risk register.
  • Prepare third-party risk reports to effectively communicate residual risk to business stakeholders.
  • Review risk assessment workflows in third-party risk management tool to build new workflows and identify opportunities to increase automation and incorporation of Artificial Intelligence into the program.
  • Assist in the development of various risk assessment scopes to expand the third-party cyber risk program.
  • Work with stakeholders across the organization to understand key third-party relationships and develop continuous monitoring plans to assess risk.
  • Support the Cyber Risk and Awareness department in the ongoing execution of the Cyber Risk Management program.
  • Partner with business teams to identify, document, assess and mitigate existing and emerging cyber security risks based on the sensitivity level of data in use, control of the data internally and externally, and unique needs of the business unit.
  • Perform cybersecurity risk assessments of internal systems and processes.
  • Support the development and maintenance of security policies, standards, and procedures.
  • Monitor and report on security metrics and key performance indicators.
  • Participate in security awareness and training initiatives.
  • Research and stay updated on emerging security trends and best practices.
  • Identify and track Risk Issues and support risk issue owners in identifying ways to mitigate or remediate risks to the IT organization.

Requirements

  • 1-3 years of experience in Information Technology, Cybersecurity, Risk Management, Risk Assessments, or similar fields.
  • Bachelor's degree with Emphasis on Information Security, Management Information Systems, Business Intelligence, or similar discipline.
  • Project management, time management, and prioritization capabilities, with an aptitude for breaking down work into manageable parts, effectively assessing the priority and time required to complete each part.
  • Familiarity with cybersecurity management frameworks including NIST, IS27001, COBIT 5.
  • Demonstrated ability to digest complex concepts quickly and a strong desire to gain knowledge of networks, desktops, servers, cloud and software as a service technology.
  • Ability to identify and evaluate risk in accordance with the company and business unit's overall risk tolerance.
  • An ability to effectively present findings and convince others to make appropriate changes in their priorities and behaviors for the benefit of the organization.
  • An ability to communicate risks to employees outside Information Security in a way that consistently drives objective decisions about risk in order to optimize the trade-off between risk mitigation and business performance.

Nice-to-haves

  • Familiarity in dashboarding and reporting through visualization platforms like PowerBI.
  • Hands-on experience and/or familiarity with Governance Risk and Compliance platforms.
  • Advanced interpersonal skills, including teamwork, facilitation, and negotiation.
  • A desire to learn new things and a mindset of continuous improvement.

Benefits

  • Competitive health insurance coverage starting on the first day of employment.
  • Dental insurance coverage.
  • 401k retirement savings plan with company contributions.
  • Wellness benefits.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service