Technology Risk Analyst - SAP (IT Security Analyst - SAP)
Technology Risk Analyst - SAP (IT Security Analyst - SAP)-UNI04827 Working at Cargill is an opportunity to thrive—a place to develop your career to the fullest while engaging in meaningful work that makes a positive impact around the globe. You will be proud to work for a company with a strong history of ethics and a purpose of nourishing people. We offer a diverse, supportive environment where you will grow personally and professionally as you learn from some of the most talented people in your field. With 150 years of experience Cargill provides food, agriculture, financial and industrial products and services to the world. We have 150,000 employees in 70 countries who are committed to feeding the world in a responsible way, reducing environmental impact and improving the communities where we live and work. Learn more at www.cargill.com.
The Technology Risk Analyst (“TRA”) provides guidance and support for technology risk management & compliance activities in reference to Corporate SAP solutions at the direction of the Technology Risk & Control Manager.
The TRA keeps abreast of technology risk trends and best practices and collaborates with service delivery participants, third party stakeholders and management to achieve the optimal alignment of technology control against technology and business objectives.
An example of the TRA's responsibility includes, but is not limited to, assessment and mitigation of risks associated with the design and deployment of new SAP systems and technologies and ensuring the on-going conformance of SAP solutions to security standards and compliance obligatiions.
35% Consulting and Risk Assessment
- Develops an understanding of IT service delivery goals and reframes risk discussions in IT service delivery terms
- Constructively engages IT service delivery stakeholder & enterprise risk analysts regarding information security issues
- Actively and professionally engages IT service delivery stakeholders in conversations that drive good risk decisions
- Compose responses to security inquiries, provided in a timely and consistent manner
- Perform documentation review and improvement, attending meetings as needed, serve front line response for troubleshooting issues as needed
- Provide guidance across several compliance related initiatives to ensure appropriate process, procedures and controls are adequately designed, implemented and/or remediated to meet audit and compliance expectations, operating efficiency goals, and business objectives
- Ensure remediation solutions are sustainable, measureable and defensible, to ensure compliance requirements continue to be maintained over time
- Responsible for the evaluation of security and mitigation of risks associated with confidentially, integrity and availability of the company's information assets
- Communicate and escalate issues and incidents as required by process or management
- Assist in development and communicating security guidelines for new technology SAP solutions
- Develop relationships with IT service delivery stakeholders, enterprise security resources, IT leaders, and compliance team members to gain consensus approvals on strategies, recommendations, findings and project plans
- Collaborate, build and maintain strong relationships within a high matrix organization in order to identify issues and drive information security compliance across all SAP solutions
- Monitor SAP solutions against internal security standards \ external compliance obligations
- Responsible for the coordination of remediation activities to achieve and sustain SAP solution conformance
- Participate in the design, deployment and reporting of SAP security measures to enable effective risk and control govenance across all SAP solutions
- Support the development of effective integrated monitoring of SAP security events with the Cargill Security Operation Center (SOC)
- Responsible for the effective monitoring and aligment of SAP Identity and Access management processes to security policy and principles
- Coordinate the effective execution of a vulnerability management program over all SAP Solutions
- Ensure that SAP technology projects are executed in accordance with risk management policy and standards
- Assist in the Monitor and document of SAP operations in accordance to baseline risk management goals including but not limited to; exceptions, findings, network security, software security
20% Remediation Planning
- Consult, validate & monitor the implementation of remediation activities as result of internal as well as external review/audit activities
- Collaborate with risk analysts across all areas of Cargill on common risks to achieve optimization and coordination of remediation activities
- Provide regular reports on the progress of remediation activities to the SAP Risk Manager
10% Education & Awareness
- Understand the company's technical security policies, the code of business conduct and ethics in order to translate into requirements for technical and non-technical staff
- Support the creation of a sustainable control environment
- Provide Technology Risk & Controls training & awareness. This includes aligning the technology control requirements and objectives with the business and external outsourcing specific requirement
The preferred location for this position is in Hopkins/Minneapolis locations. However - other Cargill U.S. locations may be considered.
- Bachelors Degree or relevant experience
- 5 Years of I/T Experience.
- Demonstrated working knowledge of SAP, Risk Management, Information Security, Controls, or I/T Audit practices.
- Proven record of high performance in problem solving, collaborating, planning and priority setting, perseverance, and a drive for results.
- Agile learning capabilities to inform on and manage risks via common systems and processes.
- Effective team skills encompassing cross-functional teams, peer relationships, informing, and understanding and appreciating differences.
- Solid Communication Skills - encompassing inter-personal communications, persuasion and influencing skills, security communications, using business terminology.
- Ability to effectively describe technical concepts to non-technical audiences.
- Demonstrated customer focus skills in translating risk management policies into business requirements.
- Strong interpersonal skills in terms of effective listening, patience, composure and conflict management.
- Ability to travel 20%
- Bachelor's degree in Computer Science, MIS, Computer Engineering or equivalent
- Networking and infrastructure experience
Job Information Technology
Primary Location US-MN-Hopkins
Other Locations Canada-Manitoba-Winnipeg, US-MN-Minneapolis, US-KS-Wichita, US-MN-Wayzata
Job Type Standard
Shift Day Job