THE BIG PICTURE
Sysco LABS is the captive innovation center for Sysco Corporation (NYSE:SYY), a Fortune 100 company and the world’s largest foodservice provider with 71,000+ associates, 330+ distribution centers and over 725,000 customers in 90 countries. For fiscal 2023 that ended July 1, 2023, Sysco generated over $76 billion in sales.
Sysco LABS powers Sysco’s farm-to-fork operations and our technology is present in the sourcing of food products, merchandising, storage and warehouse operations, order placement and pricing algorithms, the delivery of food and supplies to Sysco’s global network, the in-restaurant dining experience of the end-customer and much more.
Our technology ecosystem spans 600+ applications, monitoring and incident management across 10,000+ servers, multi-cloud – multi-platform event streaming and microservices architecture, and enterprise-grade systems that power a catalog of over 1.4 million products, 330+ distribution centers and a fleet of 14,000 IoT-enabled delivery trucks, and more.
Everything we do at Sysco LABS supports Sysco’s Purpose of ‘Connecting the world to share food and care for one another’, and our technology directly impacts millions of food consumers in a trillion-dollar, global industry.
THE OPPORTUNITY
The Lead Cyber Analyst – SITRM will be responsible for conducting supplier assessments and leading the local assessment team in supporting Sysco’s global Cybersecurity Supplier IT Risk Management (SITRM) Program.
RESPONSIBILITIES
- Executing security risk assessment and analysis of suppliers across all stages of the supplier lifecycle and partnering with global vendor management teams, technology, and business functions to educate and communicate cyber risk
- Managing and guiding the work of team members to include assessment workflow, throughput, and quality
- Supporting implementation and operation of program enhancement efforts including assessment process and technical requirements; training team members and stakeholders on updated program and processes changes
- Preparing and communicating monthly program metrics and reporting to the appropriate program leads
- Providing input on third party security controls, exceptions, and remediation plans to continuously improve assessment process to reduce cyber risk
REQUIREMENTS
- Bachelor’s Degree in Information Technology, Information Systems, Computer Science or a related technical field of study, related experience may be considered in lieu of required education
- 6 or more years of experience in IT audit, supplier IT risk, vendor, or third-party security risk management
- Strong experience with third party security assessment and management tools (Archer preferred)
- Strong experience in third party security risk assessment methodologies and industry frameworks
- Strong experience in coordinating and managing work performed by internal and external team resources
- Strong experience in coordinating and managing work performed by internal and external team resources
- Strong experience of Shared Assessment Third-Party Risk Management practices and questionnaires
- Strong experience in application, network, and cloud security domains and assessments
- Strong critical thinking and planning skills
- Experience in large enterprise environments
- Excellent oral and written communication and ability to engage with stakeholders across the enterprise
- CISSP, CISM, CISA, CTPRP or CTPRA, ISSAP, ISSEP; a minimum of one active security certification is a must
BENEFITS
- US dollar-linked compensation
- Performance-based annual bonus
- Performance rewards and recognition
- Agile Benefits - special allowances for Health, Wellness & Academic purposes
- Paid birthday leave
- Team engagement allowance
- Comprehensive Health & Life Insurance Cover - extendable to parents and in-laws
- Overseas travel opportunities and exposure to client environments
- Hybrid work arrangement
Sysco LABS is an Equal Opportunity Employer.
