Senior Cybersecurity Risk Analyst
Perdue Farms, Inc.
Perdue Farms is a family-owned food and agriculture company now in its second century of growth and innovation. We were founded on trust—a value that carries through everything we do. Perdue Foods is a leader in Premium Proteins and Perdue AgriBusiness ranks among the top US grain companies.
**Summary**
Perdue is seeking a Sr. Cybersecurity Risk Analyst to join our Information Security team. This position will actively contribute to the on-going maturation of the company's information security program through executing security assessments, guiding secure technology implementations, and mitigating cyber risk. The ideal candidate will have a technical or cybersecurity background (e.g. security operations, security engineering) that can effectively lead and advise on cybersecurity implementation, assessments, and cyber risk reduction strategies for IT and business initiatives.
**Principal and Essential Duties & Responsibilities**
+ Create and maintain partnering relationships with business leaders and managers to advise on cybersecurity requirements for project implementation and execution.
+ Manage and guide IT and business areas on technical remediations stemming from vulnerability assessments, pen tests, application security assessments, audit, etc. providing prioritized remediation efforts.
+ Provide input into cybersecurity strategies and plans based on evolving technology risk and business initiatives stemming from security assessments and industry requirements.
+ Lead cybersecurity projects for identifying and mitigating risk (maturity assessment, cyber controls assessment, PCI-DSS, HIPAA, etc.) as needed.
+ Provide and assess the security of third-party solutions and supplier integrations; recommend appropriate security controls and contractual language.
+ Track, measure, validate, and report on risk identification, acceptances, and remediation efforts.
+ Maintain information security policies and standards to support the on-going protection and security requirements for the organization.
+ Support CSIRT and cybersecurity operations teams during tabletop exercises, incident response, legal request, and internal investigation as needed based on aligned business/IT areas.
**Minimum Education and Experience**
Bachelor’s degree in Information Systems, Cyber Security, Computer Science or related discipline is preferred, however, equivalent years of experience may be considered in lieu of educational requirements, and a minimum of seven (7) years of Information Technology experience, with at least three (3) years within Information Security.
The ideal candidate will also have:
+ Previous experience in one of the following domains, cybersecurity operations, architecture, or engineering.
+ Experience engaging vendors and consultants to execute cyber assessments.
+ Working knowledge of industry control frameworks and standards, NIST CSF, CIS, OWASP, and MITRE ATT&CK
+ Proficiency in information security domains, including risk and control assessments, policies and standards, secure systems development lifecycle, regulatory compliance, access controls, incident management, vulnerability management, and data protection.
+ Understanding of cyber security threat modeling, risk management concepts, cyber security frameworks, secure coding principles, and security technologies.
**Experience Preferred**
+ CISSP, CISM, CRISC, GSEC, GCIH, Security+, etc.
+ Prior experience working in manufacturing, retail, medical, energy, finance, food, consumer goods or pharmaceutical industries.
+ Experience with one more of the following industry regulations, PCI-DSS, HIPAA, DHS-CFATS
**Environmental Factors and Physical Requirements**
The environmental factors and/or physical requirements of this position include the following:
Ability to work in an open-partitioned cubicle environment.
Ability to communicate via telephone.
Ability to support off-hours for problems and staffing coverage.
Ability to operate a computer terminal and a workstation, using keyboard, mouse and reading a monitor.
Ability to remain stationary for up to 7.5 hours a day or more.
Ability to travel, possibly overnight, to any customer area, which could be any Perdue facility or to a remote site for disaster recovery or training.
Ability to carry or transport hardware/software up to 30 lbs. Must be able to implement hardware.
Ability to climb stairs/ladder, work in parts of the building/facility which house the wiring infrastructure to review, test or implement computer products/services..
_Perdue Farms, Inc. is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status._
Confirm your E-mail: Send Email
All Jobs from Perdue Farms, Inc.