3rd Party Security Risk Analyst

Security, Analyst, Validation, IT
Full Time
Work from home not available Travel not required

Job Description


The Third Party Security Analyst role is responsible for performing security risk assessments within the General Mills Third Party Security program. This role provides support to managing third party relationships and obtaining the necessary data from third parties to assess their security posture. The analyst will assist business users with the intake process to gauge the initial 3rd party risk profile and then assign various questionnaires based on criticality. This will include managing a questionnaire-based process and tool requiring the assessment and scoring of critical vendors. Vendors are measured against various frameworks including: NIST, FFIEC, and PCI.

  • General Mills stakeholder intake process and technical tool support
  • Creation and execution of third-party security assessments
  • Following up with third parties on questions and comments related to the assessments
  • Reporting and communication of assessment results and recommendations
  • Providing third party technical support for GMI's assessment tool
  • Tracking of vendor remediation activities
  • Reassessment of critical assessments on a periodic basis
  • Escalation of security issues where appropriate
  • Facilitation of 3rd Party Risk Acceptance Process where appropriate
  • Providing support for audit inquiries
  • Validation of 3rd Party Security controls to ensure compliance with General Mills policies

  • Bachelor's Degree
  • Previous experience in supporting a team environment in a global matrixed organization
  • Can prioritize & complete multiple tasks on tight deadlines
  • Outstanding customer service skills
  • Ability to prioritize and complete multiple tasks on tight deadlines
  • Ability to work independently and escalate issues as appropriate
  • Promotes and demonstrates initiative by identifying opportunities and ensuring development of sustainable solutions that add value to the business or IT Security
  • Motivated individual with a passion for understanding and delivering business value and service excellence
  • Collaborates with stakeholders to prioritize and align tasks
  • Strong communication skills with ability to communicate complex issues to a diverse audience

  • Previous 3rd Party Security Risk experience
  • Experience working with remote team members and stakeholders

Dice Id : RTX14a271
Position Id : 11880
Originally Posted : 4 weeks ago
Have a Job? Post it

Similar Positions

IT Security Risk Analyst GRC
  • Request Technology, LLC
  • Minneapolis, MN
Cyber Security Consultant
  • York Solutions, LLC
  • Minneapolis, MN
Cyber Security Consultant- Sr
  • The Judge Group, Inc.
  • Minneapolis, MN
Security Analyst
  • Andersen Corporation
  • Oak Park Heights, MN
Info Security Engineer
  • Fulcrum Consulting
  • Minneapolis, MN
Systems Security Administrator
  • Robert Half Technology
  • Bayport, MN
SR. Cyber Security Consultant
  • Select Source International
  • Minneapolis, MN
Database Developer w/Infosec
  • Dahl Consulting
  • St Paul, MN
Cloud Security Architect
  • Wipro Ltd.
  • Mounds View, MN
Senior Cyber Security Engineer
  • Infinity Consulting Solutions
  • Edina, MN
Information Security Operations Manager
  • Federal Reserve Bank Minneapolis
  • Minneapolis, MN
Penetration Tester
  • Piper Companies
  • Eagan, MN
Ethical Security Hacker, Red Team
  • Surescripts
  • Minneapolis, MN