Security Vendor Risk Sr. Analyst in Budd Lake, NJ

Mars Inc   •  

Budd Lake, NJ 07828

Industry: Food & Beverages

  •  

5 - 7 years

Posted 56 days ago

***Role can sit in Chicago, IL or Mt. Olive, NJ***

This role is necessary to lead cross functional teams to develop network technical controls to protect Mars' information assets. Additionally, this role is a deep technical subject matter expert that can determine the proper course of action in the event of a security incident. Develop technical recommendations to support team strategy. Write technical security standards and train other teams on how to support the standards. This role is responsible for performing security assessments to identify and track these risks. This position will be responsible for working with project teams and vendors to ensure they have the proper IT security in place to minimize the risk of Mars being impacted by a successful attack.

Key Responsibilities:

  • Input into the creation of global strategic roadmaps within security technology
  • Develop security standards, ensure global acceptance and adherence
  • Create designs for global security technology in alignment with strategy
  • Lead implementation of major security technologies for Mars Inc.
  • Tier 3 support role for incidents related to deployed security technologies
  • Manage inventory of Mars technical security controls to ensure adoption and for enhancements
  • Member of incident response team to assist in closing of security incidents
  • Responsible for performing security assessments for internal and external projects. The assessment must include identifying security gaps and partnering with the project teams to agree corrective actions or compensating controls to remediate them.
  • Evaluate the security of vendors and hosted solutions based on approved security standards. Determine risk and potential impact based on emerging security threats
  • Perform risk assessments, security audits, vulnerability assessments and/or gap analysis as required
  • Conduct PCI audits
  • Perform web application security testing.
  • Create metrics & reporting for the program
  • Context and Scope:
  • Knowledge of vendor landscape and capabilities.
  • Technical expertise in their functional security technologies and knowledge of Mars platforms. Strong internal relationships including platform development.
  • Leverage project management skills to deliver new technologies.
  • Analyse and rank risks. Schedule follow up meetings with project teams and vendors to discuss remediation and track progress.
  • Document residual risk and risk acceptance
  • Produce vendor security metrics for senior management.
  • Continually enhance program to protect against new threats
  • Partner with commercial & Enterprise Architecture teams to identify projects requiring assessments. Work to embed security assessment in existing processes
  • Job Specifications/Qualifications:
  • Education & Professional Qualification:
  • University degree (engineering/IT/computer science) or equivalent work experience, CISSP.
  • Knowledge/Experience:
  • 5+ years work experience implementing IT technologies, significant experience with security infrastructure technologies and malware remediation.


Valid Through: 2019-11-12