THE BIG PICTURE
Sysco LABS is the captive innovation center for Sysco Corporation (NYSE:SYY), a Fortune 100 company and the world’s largest foodservice provider with 71,000+ associates, 330+ distribution centers and over 725,000 customers in 90 countries. For fiscal 2023 that ended July 1, 2023, Sysco generated over $76 billion in sales.
Sysco LABS powers Sysco’s farm-to-fork operations and our technology is present in the sourcing of food products, merchandising, storage and warehouse operations, order placement and pricing algorithms, the delivery of food and supplies to Sysco’s global network, the in-restaurant dining experience of the end-customer and much more.
Our technology ecosystem spans 600+ applications, monitoring and incident management across 10,000+ servers, multi-cloud – multi-platform event streaming and microservices architecture, and enterprise-grade systems that power a catalog of over 1.4 million products, 330+ distribution centers and a fleet of 14,000 IoT-enabled delivery trucks, and more.
Everything we do at Sysco LABS supports Sysco’s Purpose of ‘Connecting the world to share food and care for one another’, and our technology directly impacts millions of food consumers in a trillion-dollar, global industry.
THE OPPORTUNITY
The Senior Cyber Analyst will be responsible for executing supplier assessments supporting Sysco’s global Cybersecurity Supplier IT Risk Management (SITRM) Program.
RESPONSIBILITIES
- Executing security risk assessments and analysis of suppliers across all stages of the supplier lifecycle and partnering with global vendor management teams, technology, and business functions to educate and communicate cyber risk
- Supporting the implementation and operation of program enhancement efforts including assessment process and technical requirements; training team members and stakeholders on updated program and processes changes
- Preparing and communicating monthly program metrics and reporting to the appropriate program leads
- Providing input on third party security controls, exceptions, and remediation plans to continuously improve assessment process to reduce cyber risk
REQUIREMENTS
- Bachelor’s Degree in Information Technology, Information Systems, Computer Science or a related technical field of study, related experience may be considered in lieu of required education
- 4 or more years of experience in IT audit, supplier IT risk, vendor, or third-party security risk management
- Working experience with third party security assessment and management tools (Archer preferred)
- Working experience in third party security risk assessment methodologies and industry frameworks
- Knowledge of Shared Assessment Third-Party Risk Management practices and questionnaires
- Solid experience in application, network, and cloud security domains and assessments
- Strong critical thinking and planning skills
- Experience in large enterprise environments
- Excellent oral and written communication and ability to engage with stakeholders across the enterprise
- CISSP, CISM, CISA, Shared Assessments Certified Third Party Risk Professional (CTPRP) or CTPRA, ISSAP, ISSEP; a minimum of one active security certification is a must
BENEFITS
- US dollar-linked compensation
- Performance-based annual bonus
- Performance rewards and recognition
- Agile Benefits - special allowances for Health, Wellness & Academic purposes
- Paid birthday leave
- Team engagement allowance
- Comprehensive Health & Life Insurance Cover - extendable to parents and in-laws
- Overseas travel opportunities and exposure to client environments
- Hybrid work arrangement
Sysco LABS is an Equal Opportunity Employer.
