Campbell Company Of Canada - Camden, NJ
posted about 2 months ago
Campbell's is seeking a Security Analyst - Risk Management to be a vital part of a cross-functional team of risk analysts. This role will focus on supporting improvements in the maturity of the overall cybersecurity program through the execution of risk assessments both internally at the organization and with third-party vendors to evaluate the risk profile and develop risk treatment plans. The successful candidate will have the desire to deliver high-quality information security initiatives, and the ability to communicate effectively with technical and non-technical audiences. In the Vendor Information Risk domain, the Security Analyst will conduct security assessments of third-party vendors and service providers, review and validate security reports, questionnaires, and evidence from third parties, and identify and track security risks and issues related to third parties. The role also involves recommending and implementing security controls and remediation actions for third parties, maintaining and updating the third-party security inventory and risk register, and preparing third-party risk reports to effectively communicate residual risk to business stakeholders. Additionally, the analyst will review risk assessment workflows in the third-party risk management tool to build new workflows and identify opportunities to increase automation and incorporate Artificial Intelligence into the program. In the Information Technology Risk Management area, the analyst will support the Cyber Risk and Awareness department in the ongoing execution of the Cyber Risk Management program. This includes partnering with business teams to identify, document, assess, and mitigate existing and emerging cybersecurity risks based on the sensitivity level of data in use, control of the data internally and externally, and unique needs of the business unit. The analyst will perform cybersecurity risk assessments of internal systems and processes, support the development and maintenance of security policies, standards, and procedures, and monitor and report on security metrics and key performance indicators. Participation in security awareness and training initiatives, researching and staying updated on emerging security trends and best practices, and identifying and tracking risk issues are also key responsibilities.