Sr. Analyst, Third Party Risk Management
This role is responsible for supporting the development and maturation of the Third Party Security Risk program. In this role, you will be an expert in the end-to-end third party security risk assessment process. This will involve executing workflows and processes for conducting cyber security assessments, being an escalation point for peers evaluating vendor responses, and influencing decisions based on business requirements and risk exposure. You will drive awareness of Third-Party Security Risk throughout the organization, and support the continued maturation and integration of Cyber Security Risk Management into Supply Chain.
- Perform analysis of completed cyber security questionnaire and supporting documentation, identifying control gaps with General Mills and industry standards
- Communicate security concerns to the supplier and business stakeholder; collectively develop and execute an appropriate remediation/mitigation plan
- Drive accountability with supplier relationship owner and supplier for proper risk mitigation in compliance with General Mills expectations
- Collaborate with appropriate global business areas to proliferate and integrate Third Party Security Risk program requirements
- Support workflow tools used to conduct vendor and other security assessments
- Act as an escalation point, change leader, and mentor for peers
- Maintain awareness of emerging market trends and technologies in the cyber risk space
- Bachelor’s degree in Cyber Security, Management Information Systems, Information Security or equivalent work experience in the cyber risk space
- 3+ years of experience in Cyber Security, Risk Management, or IT Audit
- Strong technical acumen with a solid understanding of security controls, technologies and network architecture
- Strong MS Excel skills to analyze data and conduct ad hoc investigations to support decisions
- Strong verbal and written communication skills
- Ability to independently manage large projects with multiple stakeholders
- Ability to interact with and influence personnel at all levels
- Master’s degree
- Direct experience with industry standard frameworks (NIST, ISO 27001 & 27002, CIS Controls) and artifacts of compliance reports such as SOC, SSAE, or ISO
- Professional Certifications: Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), Certified Third Party Risk Professional (CTPRP)
- Applicants must be currently authorized to work in the U.S. General Mills will not sponsor applicants for a U.S. work visa
- Relocation support will not be offered to applicants within the United States.
- International relocation or international remote working arrangements (outside of the US) will not be considered.
- We are open to 100% remote work candidates with occasional travel based on business needs.
We exist to make food the world loves. But we do more than that. Our company is a place that prioritizes being a force for good, a place to expand learning, explore new perspectives and reimagine new possibilities, every day. We look for people who want to bring their best — bold thinkers with big hearts who challenge one another and grow together. Because becoming the undisputed leader in food means surrounding ourselves with people who are hungry for what’s next.
The salary range for this position is $90100.00 - $150300.00 / Annually. At General Mills we strive for each employee's pay at any point in their career to reflect their experiences, performance and skills for their current role. The salary range for this role represents the numerous factors considered in the hiring decisions including, but not limited to, education, skills, work experience, certifications, etc. As such, pay for the successful candidate(s) could fall anywhere within the stated range. Beyond base salary, General Mills offers a competitive Total Rewards package focusing on your overall well-being. We are proud to offer a foundation of health benefits, retirement and financial wellbeing, time off programs, wellbeing support and perks. Benefits may vary by role, country, region, union status, and other employment status factors. You may also be eligible to participate in an annual incentive program. An incentive award, if any, depends on various factors, including individual and organizational performance.