Share this Job

Senior Cybersecurity Risk Analyst

Date:  Aug 1, 2022
Location: 

Salisbury, MD, US, 21804

Req ID:  53302
Job Function:  Information Technology

Perdue Farms is a family-owned food and agriculture company heading into it's second century of growth and innovation.  We were founded on trust—a value that carries through everything we do. Perdue Foods is a leader in Premium Proteins and Perdue AgriBusiness ranks among the top US grain companies. 

Summary

Perdue is seeking a Sr. Cybersecurity Risk Analyst to join our Information Security team.  This position will actively contribute to the on-going maturation of the company's information security program through executing security assessments, guiding secure technology implementations, and mitigating cyber risk.  The ideal candidate will have a technical or cybersecurity background (e.g. security operations, security engineering) that can effectively lead and advise on cybersecurity implementation, assessments, and cyber risk reduction strategies for IT and business initiatives. 

Principal and Essential Duties & Responsibilities

  • Create and maintain partnering relationships with business leaders and managers to advise on cybersecurity requirements for project implementation and execution.
  • Manage and guide IT and business areas on technical remediation stemming from vulnerability assessments, pen tests, application security assessments, audit, etc. providing prioritized remediation efforts.
  • Provide input into cybersecurity strategies and plans based on evolving technology risk and business initiatives stemming from security assessments and industry requirements.
  • Lead cybersecurity projects for identifying and mitigating risk (maturity assessment, cyber controls assessment, PCI-DSS, HIPAA, etc.) as needed. 
  • Provide and assess the security of third-party solutions and supplier integrations; recommend appropriate security controls and contractual language.
  • Track, measure, validate, and report on risk identification, acceptances, and remediation efforts.  
  • Maintain information security policies and standards to support the on-going protection and security requirements for the organization.
  • Support CSIRT and cybersecurity operations teams during tabletop exercises, incident response, legal request, and internal investigation as needed based on aligned business/IT areas.

Minimum Education

  • Bachelor’s degree in Information Systems, Cyber Security, Computer Science or related discipline is preferred, however, equivalent years of experience may be considered in lieu of educational requirements.

Experience Requirements

  • A minimum of seven (7) years of Information Technology experience, with at least three (3) years within Information Security.
  • Previous experience in one of the following domains, cybersecurity operations, architecture, or engineering.
  • Experience engaging vendors and consultants to execute cyber assessments.
  • Working knowledge of industry control frameworks and standards, NIST CSF, CIS, OWASP, and MITRE ATT&CK
  • Proficiency in information security domains, including risk and control assessments, policies and standards, secure systems development lifecycle, regulatory compliance, access controls, incident management, vulnerability management, and data protection.
  • Understanding of cyber security threat modeling, risk management concepts, cyber security frameworks, secure coding principles, and security technologies.  

Experience Preferred

  • CISSP, CISM, CRISC, GSEC, GCIH, Security+, etc.
  • Prior experience working in manufacturing, retail, medical, energy, finance, food, consumer goods or pharmaceutical industries.
  • Experience with one more of the following industry regulations, PCI-DSS, HIPAA, DHS-CFATS
  • Excellent interpersonal skills, self-confident, motivated, and capable of working with limited supervision.
  • Team-oriented with proven skills in clearly guiding others, without having direct management authority and motivating them to successfully mitigate risk within required timelines.
  • Able to discuss issues at technical and business levels with audiences of various backgrounds.
  • Strong desire and aptitude for continuous learning and keeping abreast of new and emerging technology.

Environmental Factors and Physical Requirements

The environmental factors and/or physical requirements of this position include the following:
Ability to work in an open-partitioned cubicle environment.
Ability to communicate via telephone.
Ability to support off-hours for problems and staffing coverage.
Ability to operate a computer terminal and a workstation, using keyboard, mouse and reading a monitor.
Ability to remain stationary for up to 7.5 hours a day or more.
Ability to travel, possibly overnight, to any customer area, which could be any Perdue facility or to a remote site for disaster recovery or training.
Ability to carry or transport hardware/software up to 30 lbs. Must be able to implement hardware.
Ability to climb stairs/ladder, work in parts of the building/facility which house the wiring infrastructure to review, test or implement computer products/services.

 

 

Perdue Farms, Inc. is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.


Nearest Major Market: Salisbury