We have an opening for you to grow with us a Lead IT Security Analyst – Security Risk Evaluation in the Governance, Risk and Compliance (GRC) of Kellanova’ s Global Cybersecurity team. This role can work remotely / virtual in any US location where Kellanova is registered to do business. Preference for Chicago area or Battle Creek, MI.

Join our dynamic, progressive team of IT professionals in an environment where you can learn, grow, and create innovative technology solutions to help our business flourish.  Become a part of our rich heritage that has grown from a small family business to a global organization with a presence in over 180 countries.  At the heart of the Kellanova Company is technology — a key enabler of how we market, sell, and manufacture our well-known and beloved brands to consumers around the globe. 

A Taste of What You’ll Be Doing

  • Data Security Governance - Define and build the risk management program using industry standards and guidelines.  Perform security risk assessments of technology solutions and 3rd party providers to determine information security risks to the enterprise. 
  • Solution Focused - Work closely with data / process owners and IT project stakeholders to clearly understand solutions being implemented and provide guidance on control requirements / risk mitigation actions and associated risk of non-compliance.  Integrate automation into the risk register process to manage the lifecycle of risk issues.
  • Process Ownership - Work closely with Project Delivery Management, Enterprise Architecture, Application / Security Architecture, Legal and Procurement teams to drive implementation of appropriate controls to comply with Kellanova policy / standards to reduce security risk to acceptable level.  Provide overall oversight to global and regional IT Security Leads to ensure security risk assessments are performed consistently and timely.
  • GRC Oversight - Serve as product owner of Kellanova’ s GRC tool, development, and sustainment / support.  Create training materials for the risk management program and conduct global training and awareness to promote the program.
  • Risk Awareness - Keep up with product updates to ensure we take advantage of relevant product features and capabilities.  Ensure policies and standards are created and maintained for the overall risk program.  Identify areas of maturity for the overall risk program and create a roadmap to address key program challenges.

Your Recipe for Success

  • High School Diploma or GED with related IT and IT Security work experience.
  • Direct experience in Cybersecurity risk management practices and programs, 3rd party risk assessments, Privacy by Design concepts, and conducting information security risk assessments or business impact assessments.
  • Experience with various IT governance, control frameworks, and standards such as NIST CSF, COBIT, ISO 2700x, SOC II and domestic and global security regulations / directives including GPDR, SOX, CSA, CCPA, etc.
  • Analytical and troubleshooting skills, demonstrating an aptitude for conducting quantitative and qualitative analysis of large and complex data, problem-solving, negotiation and decision-making skills.
  • Extensive relevant experience in planning, administering, developing, or delivering solutions in GRC platforms (e.g. RSA Archer, OneTrust, or equivalent).
  • Proactive problem-solving, negotiation and decision-making skills to influence management, as well as internal and external partners
  • Experience using Scalable Agile Framework or Agile ways of working
Technical Skills
Other
Is a Remote Job?
Remote
Employment Type
Full time

Kellanova (NYSE: K) is a leader in global snacking, international cereal and noodles, and North America frozen foods with a legacy stretching back more than 100 years. Powered by differentiated brands...

Apply Now