Sr. Staff Cyber Security Analyst

Job Description

** Prior to applying it is required that you inform your manager of your desire to apply for a new position. **

Why choose us?

Are you ready to take the next step in your career? Join us for an exciting opportunity at Albertsons Companies, where innovation and customer service go hand-in-hand!

At Albertsons Companies, we are looking for someone who's not just seeking a job, but someone who wants to make an impact. In this role, you'll have the opportunity to lead, innovate, and contribute to the growth of a company that values great service and lasting customer relationships. This position offers the chance to work in a fast-paced, dynamic environment that's constantly evolving.

Main responsibilities:

This Senior Staff Analyst will be instrumental in supporting the execution of our information security controls testing program and leading the development of our enterprise risk management (ERM) framework. They will work across various technological domains, focusing on ensuring the design and operating effectiveness of security controls toward ensuring a more secure environment. This security professional will be responsible for collaborating with stakeholders to identify control deficiencies and develop actionable remediation plans toward safeguarding our critical assets and sensitive information.

Key Responsibilities include, but are not limited to:

• Support execution of our information security controls testing program, including planning, fieldwork, analysis, and reporting for various control types (technical, administrative, physical)

• Develop and document detailed test plans and methodologies to assess the design and operating effectiveness of security controls against established frameworks (e.g. NIST CSF, ISO 27001, CIS Controls, etc.)

• Identify control deficiencies, analyze root causes, and propose practical and actionable remediation recommendations to control owners and other stakeholders

• Lead the development and implementation of a formal enterprise risk management (ERM) program, including risk definition, identification, assessment, and treatment processes

• Facilitate risk treatment discussions to capture remediation plans toward enabling both timely and effective closure of identified risks

• Contribute to the development and maintenance of GRC policies, standards, and procedures, ensuring alignment with regulatory requirements and industry best practices

• Assist in the preparation for, and execution of, external audits and assessments

• Develop and deliver training and awareness materials on GRC principles and practices to various audiences

• Leverage GRC tools and technologies to streamline and automate GRC processes, including controls testing and risk management

• Stay abreast of emerging threats, vulnerabilities, and regulatory changes impacting the information security landscape

• Mentor and provide guidance/training to less experienced staff as a subject matter expert

Information Security skills and experience

• You are a self-starter capable of prioritizing, developing, and executing controls testing plans with limited supervision

• You can interpret and contextualize control objectives to analyze their efficacy given a wide variety of technologies and business processes

• You possess strong conceptual thinking and have excellent communication skills

• You can articulate risk and controls concepts to a wide variety of audiences

• You have working knowledge of industry standard controls frameworks (e.g. NIST CSF, CIS Controls, ISO 27001, etc.)

• You have a strong understanding of technology risk, information security fundamentals, defense-in-depth practices, risk assessment fundamentals, and risk management practices

• You are capable of articulating risk in business-impact terms

• You understand network, cloud, and application security principles and have experience with controls approaches addressing various risks in all domains

• You have a strong desire to continually learn about new technologies

Key Success Criteria:

• Successful and timely execution of the controls testing plan, with clear identification of control gaps and actionable remediation plans

• Establishment of a foundational enterprise risk register with clearly defined risks, assessments, and ownership

• Demonstrated improvement in the maturity of our internal controls testing processes and documentation

• Positive feedback from internal stakeholders on the clarity, effectiveness, and constructive nature of GRC engagements

• Development of clear and concise reporting on control effectiveness and risk posture for management review

• Proactive identification and escalation of potential security risks and control weaknesses

• Effective collaboration and communication with IT, business units, and other relevant departments

• Contributions to the enhancement of GRC policies, standards, and procedures that are practical and effective

• Mentorship of junior team members, fostering their growth and development

• Positive contributions to the overall security culture and awareness within the organization

The position will be based in Pleasanton, CA or Boise, ID.

We are looking for candidates who possess the following:

• Bachelor's degree (Computer Science, Information Systems, or a related field) or equivalent practical work experience

• 10+ years of professional cybersecurity experience focused on executing controls testing, risk assessments, and remediation plan development

• Proven experience in developing and implementing internal controls testing programs

• Demonstrated experience in building and maturing risk management frameworks

• Professional certifications desired (CISSP, CRISC, CISM, CISA, etc.)

• Strong analytical and problem-solving skills

• Excellent written and communication skills with the ability to present complex information clearly and concisely to various audiences

• Experience with GRC platforms and tools (i.e. RSA Archer) is highly desirable

• Familiarity with scripting languages (e.g., Python, PowerShell) for automation is an advantage

We also provide a variety of benefits including:

• Competitive wages paid weekly
• Associate discounts
• Health and financial well-being benefits for eligible associates (Medical, Dental, 401k and more!)
• Time off (vacation, holidays, sick pay). For eligibility requirements please visit myACI Benefits
• Leaders invested in your training, career growth and development
• An inclusive work environment with talented colleagues who reflect the communities we serve

Our Values - Click below to view video: ACI Values

The salary range is $ 157,900 to $ 205,300 annually. Starting salary will vary based on criteria such as location, experience, and qualifications. There may be flexibility for exceptional candidates.

A copy of the full job description can be made available to you.

#LI-MF1

About Us

Albertsons Companies is at the forefront of the revolution in retail. Committed to innovation and fostering a culture of belonging, our team is united with a unique purpose: to bring people together around the joys of food and to inspire well-being. We want talented individuals to be part of this journey!

Locally great and nationally strong, Albertsons Companies (NYSE: ACI) is a leading food and drug retailer in the U.S. We operate over 2,200 stores, 1,732 pharmacies, 405 fuel centers, 22 distribution facilities, and 19 manufacturing plants across 34 states and the District of Columbia. Our well-known banners include Albertsons, Safeway, Vons, Jewel-Osco, ACME, Shaw's, Tom Thumb, United Supermarkets, United Express, Randalls, Albertson's Market, Pavilions, Star Markets, Market Street, Carrs, Haggen, Lucky, Amigos, Andronico's Community Markets, King's, Balducci's, and Albertson's Market Street.

Our vision is to be a retail leader admired for national strength with deep local roots, offering an easy, fun, friendly, and inspiring experience, no matter how customers choose to shop with us. We celebrate the rich diversity of the communities we serve, and strive to create a workplace where everyone has equal access to opportunities and resources, and can fully contribute to their and our company's success.

Bring your flavor

Building the future of food and well-being starts with you. Join our team and bring your best self to the table.

Disclaimer

The above statements are intended to describe the general nature of work performed by the employees assigned to this job and are not the official job description for the position. All employees must comply with Company, Division, and Store policies and applicable laws. The responsibilities, duties, and skills of personnel may vary within store and/or from store to store and the official job description will be provided during the application process.

Albertsons is an Equal Opportunity Employer

This Company is an Equal Opportunity Employer, and does not discriminate on the basis of race, gender, ethnicity, religion, national origin, age, disability, veteran status, gender identity/expression, sexual orientation, or on any other basis prohibited by law. Consistent with applicable state and local law, the Company will consider for employment qualified applicants with arrest and conviction records.

We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at 1-(option #4).