What are the responsibilities and job description for the Lead IT Security Analyst - Security Risk Evaluation position at Kellogg Company?
We have an opening for you to grow with us a Lead IT Security Analyst – Security Risk Evaluation in the Governance, Risk and Compliance (GRC) of Kellogg’s Global Cybersecurity team. This role can work remotely / virtual in any US location where Kellogg is registered to do business. Preference for Chicago area or Battle Creek, MI.
Join our dynamic, progressive team of IT professionals in an environment where you can learn, grow, and create innovative technology solutions to help our business flourish. Become a part of our rich heritage that has grown from a small family business to a global organization with a presence in over 180 countries. At the heart of the Kellogg Company is technology — a key enabler of how we market, sell and manufacture our well-known and beloved brands to consumers around the globe.
HERE’S A TASTE OF WHAT YOU’LL BE DOING
Data Security Governance: Perform security risk assessments of technology solutions and 3rd party providers to determine information security risks to the enterprise. Work closely with data / process owners and IT project stakeholders to clearly understand solutions being implemented and provide guidance on control requirements / risk mitigation actions and associated risk of non-compliance. Work closely with Project Delivery Management, Enterprise Architecture, Application / Security Architecture, Legal and Procurement teams to drive implementation of appropriate controls to comply with Kellogg’s policy / standards to reduce security risk to acceptable level. Provide overall oversight to global and regional IT Security Leads to ensure security risk assessments are performed consistently and timely.
GRC Process Ownership: Serve as Subject Matter Expert (SME) of Kellogg’s Security Risk Evaluation (SRE) process. Lead efforts to continuously improve the SRE process to meet or exceed all stakeholder’s expectations. Build professional relationships across the company and work closely with and influence senior decision makers in other departments to identify, recommend, develop, implement and support a risk informed decision and action framework. Leverage analytical skills to gain insights, technical proficiency to deliver right-fit solutions, and stellar communications skills to present findings, discovery and recommendations in a logical and easily understandable manner. Deliver awareness and training program on security and privacy matters for employees and contractors.
GRC Tool Oversight: Serve as product owner of Kellogg’s GRC tool, development and sustainment. Provide leadership and oversight of our development / support team to ensure development and sustainment work are completed as planned. Keep up with product updates to ensure we take advantage of relevant product features and capabilities.
YOUR RECIPE FOR SUCCESS
Required:
High School Diploma or GED with related IT and IT Security work experience.- Experience in information technology, information security and related field.
- Direct experience in Cybersecurity risk management practices and programs, 3rd party risk assessments, Privacy by Design concepts, and conducting information security risk assessments or business impact assessments.
- Experience with various IT governance, control frameworks, and standards such as NIST CSF, COBIT, ISO 2700x, SOC II and domestic and global security regulations / directives including GPDR, SOX, CSA, CCPA, etc.
- Advanced verbal and written communication skills at all levels of organization in a matrixed environment, along with ability to work independently and juggle multiple priorities.
- Analytical and troubleshooting skills, demonstrating an aptitude for conducting quantitative and qualitative analysis of large and complex data, problem-solving, negotiation and decision-making skills.
- Extensive relevant experience in planning, administering, developing or delivering solutions in GRC platforms (e.g. RSA Archer, OneTrust, or equivalent).
- Proactive problem-solving, negotiation and decision-making skills to influence management, as well as internal and external partners
- Experience using Scalable Agile Framework or Agile ways of working
Bonus Points:
- Bachelor’s degree in IT, computer science, information security or a related field.
- Related certifications such as CISM, CRISC, and CISSP, or have certification in progress.
- Work experience in a Global company, working on globally scoped projects.
- Experience in project management, business / system / data analysis or governance.
- Strong Office365 (Word, PowerPoint, Excel) skills.
- Archer, One Trust or other GRC tool, Business Analyst or Administrator Training
WHAT’S NEXT
It’s best to apply today, because job postings can be taken down and we wouldn’t want you to miss this opportunity. To learn more about what’s next, click on the links below:
- Kellogg K-Values
- New Hire Benefits Guide
THE FINER PRINT
Kellogg’s is preparing to officially launch its exciting new Locate for Your Day global hybrid work approach in the U.S., when we’re able to safely return to the office. Locate For Your Day gives eligible office-based employees the flexibility to work from home or the office, wherever they’ll be the most productive based on the demands of their day, provided they’re in the office at least 50% in any given month. Our recruiting team can fill you in on the exact details for this position.
The ability to work a full shift, come to work on time, work overtime as needed and the ability to work according to the necessary schedule to meet job requirements with or without reasonable accommodation is an essential function of this position.
Kellogg Company is an Equal Opportunity Employer that strives to provide an inclusive work environment, a seat for everyone at the table, and embraces the diverse talent of its people. All qualified applicants will receive consideration for employment without regard to race, color, ethnicity, disability, religion, national origin, gender, gender identity, gender expression, marital status, sexual orientation, age, protected veteran status, or any other characteristic protected by law. For more information regarding our efforts to advance Equity, Diversity & Inclusion, please visit our website here.
Where required by state law and/or city ordinance; this employer will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee’s Form I-9 to confirm work authorization. For additional information, please follow this Link.
If you require reasonable accommodation in completing this application, please reach out to USA.Recruitment@kellogg.com
LET’S CREATE THE FUTURE OF FOOD
Kellogg Recruitment