Analyst, Risk & Compliance

General Mills - Mumbai, Maharashtra



India is among the top ten priority markets for General Mills, and hosts our Global Shared Services Centre. This is the Global Shared Services arm of General Mills Inc., which supports its operations worldwide. With over 1,300 employees in Mumbai, the center has capabilities in the areas of Supply Chain, Finance, HR, Digital and Technology, Sales Capabilities, Consumer Insights, ITQ (R&D & Quality), and Enterprise Business Services. Learning and capacity-building is a key ingredient of our success.

Job Description:

Job Overview

The Third-Party Security Analyst role is responsible for performing security risk assessments within the General Mills Third Party Security program. This role supports the management of third-party relationships and obtains the data needed from third parties to assess their security posture. The analyst will assist business users with the intake process to gauge the initial third-party risk profile and then assign various questionnaires based on criticality. This will include managing a questionnaire-based process requiring the assessment and scoring of more critical vendors. Vendors are measured against various frameworks including NIST, FFIEC, and PCI.


Job Responsibilities

100% of Time Duties include:

  • General Mills stakeholder intake process and technical tool support
  • Creation and execution of third-party security assessments
  • Following up with third parties on questions and comments related to the assessments
  • Reporting and communication of assessment results and recommendations
  • Providing third party technical support for GMI’s assessment tool
  • Tracking of vendor remediation activities
  • Reassessment of critical assessments on a periodic basis
  • Escalation of security issues where appropriate
  • Providing support for audit inquiries
  • Validation of 3rd Party Security controls to ensure compliance with General Mills policies.


Desired Profile


Minimum Degree Requirements: Bachelor's
Preferred Degree Requirements: Master's
Preferred Major Area of Study: Security Infrastructure
Required Professional Certifications:
Preferred Professional Certifications: CTPRP, ISO 27001:2013 lead auditor


Minimum years of related experience required: 1-2 years of risk assessment experience
Preferred years of related experience: 2+ years of risk assessment experience


Specific Job Experience or Skills Needed

  • Bachelor of Arts/Science in Information Technology
  • Past IT Security experience
  • Strong auditing skills are desired
  • Knowledge of standards such as ISO27001:2013, PCI-DSS
  • Strong relationship management skills
  • Strong communication and collaboration skills
  • Results-oriented, high energy, self-motivated

Competencies/Behaviors required for job

  • Self-starter with ability to drive an item from concept to full implementation with minimal guidance
  • Ability to prioritize and complete multiple tasks on tight deadlines
  • Ability to conduct thorough analysis and recommend data driven actions
  • Focused curiosity and drive to independently push through ambiguity to obtain results
  • Strong oral & written communication, listening and presentation skills.

Company Overview:

We exist to make food the world loves. But we do more than that. Our company is a place that prioritizes being a force for good, a place to expand learning, explore new perspectives and reimagine new possibilities, every day. We look for people who want to bring their best — bold thinkers with big hearts who challenge one another and grow together. Because becoming the undisputed leader in food means surrounding ourselves with people who are hungry for what’s next.