Publix Super Markets, Inc.
Senior Cybersecurity Analyst 2 - Risk and Compliance
Publix Super Markets, Inc., Lakeland, Florida, United States, 33809
Overview
Please note, this is a hybrid position requiring 8 days per month on-site in Lakeland, FL. Join Publix Technology - Where Innovation Meets Impact Publix Super Markets, Inc., the largest employee-owned company in the U.S., is powered by a dynamic technology team of 2,100+ associates. We deliver modern, cutting-edge solutions to 1,400+ stores and over 200,000 internal team members across 8 states. Whether you're passionate about IT security, platform engineering, architecture, software development, or infrastructure, we offer exciting career paths at every level - from internships to technical leadership. Be part of a Fortune 100 Best Companies to Work For and help us build more than just great subs - build the future of technology for Publix. As a Senior Cybersecurity Analyst (Risk and Compliance) you will leverage a broad understanding of IT, regulatory, and cybersecurity domains to assess the security posture of various aspects of Publix and determine the adequacy of current controls. This opportunity will allow you to further expand and apply your skills to solve critical business and data protection related challenges as part of a team, driving identification and assessment of risks, validation of compliance to multiple regulations, and adherence to standards and security best practices. Responsibilities
Proactively identify potential cyber security risks across various areas of the business. Analyze the likelihood and impact of identified risks to understand their potential impact. Provide in-depth analysis of cyber security risks to the leadership team to make decisions that protect Publix. Develop strategies, plans, and recommendations to reduce or eliminate cyber security risks and work with relevant teams to implement. Continuously monitor the effectiveness of cyber risk management strategies, prioritize mitigation activities, and report risk-related issues and challenges to relevant stakeholders. Assess organizational compliance with regulatory and legal requirements but strategically help teams think through the best way to manage risk in accordance with security best practices. Serve as a liaison and foster strategic working relationships with technical architects, engineering teams, and businesses to inform them of IT controls or requirements as well as ensure security standards are being met. Assist with regulatory related projects such as gap assessments, annual audits, and remediation tracking. Provide security and compliance consultation on new projects pertaining to PCI DSS, cloud security, data privacy, HIPAA, SOX, etc. Assist in third party risk management assessments to evaluate the security of vendors and hosted solutions based on approved information security standards.
Qualifications
Bachelors degree in management information systems, Computer Science, Information Security, or other analytical disciplines or equivalent experience 4+ years of combined experience in Information Security, Compliance, Technology Audit, or a related field 2+ years of experience with security control frameworks such as ISO 27001, COBIT, NIST, PCI DSS, HITRUST, SOX, HIPAA, etc. 6+ years of combined experience in Information Security, Compliance, Technology Audit, or a related field Successful completion of one or more of the following certifications: CISA, CISM, CRISC, CCSP, and/or CISSP Operating system and cloud security experience Experience evaluating the security infrastructure for large enterprise merchants or service providers General understanding of networking and firewall concepts Working knowledge of audit methodologies, security assessment tools and monitoring methodologies
#J-18808-Ljbffr
Please note, this is a hybrid position requiring 8 days per month on-site in Lakeland, FL. Join Publix Technology - Where Innovation Meets Impact Publix Super Markets, Inc., the largest employee-owned company in the U.S., is powered by a dynamic technology team of 2,100+ associates. We deliver modern, cutting-edge solutions to 1,400+ stores and over 200,000 internal team members across 8 states. Whether you're passionate about IT security, platform engineering, architecture, software development, or infrastructure, we offer exciting career paths at every level - from internships to technical leadership. Be part of a Fortune 100 Best Companies to Work For and help us build more than just great subs - build the future of technology for Publix. As a Senior Cybersecurity Analyst (Risk and Compliance) you will leverage a broad understanding of IT, regulatory, and cybersecurity domains to assess the security posture of various aspects of Publix and determine the adequacy of current controls. This opportunity will allow you to further expand and apply your skills to solve critical business and data protection related challenges as part of a team, driving identification and assessment of risks, validation of compliance to multiple regulations, and adherence to standards and security best practices. Responsibilities
Proactively identify potential cyber security risks across various areas of the business. Analyze the likelihood and impact of identified risks to understand their potential impact. Provide in-depth analysis of cyber security risks to the leadership team to make decisions that protect Publix. Develop strategies, plans, and recommendations to reduce or eliminate cyber security risks and work with relevant teams to implement. Continuously monitor the effectiveness of cyber risk management strategies, prioritize mitigation activities, and report risk-related issues and challenges to relevant stakeholders. Assess organizational compliance with regulatory and legal requirements but strategically help teams think through the best way to manage risk in accordance with security best practices. Serve as a liaison and foster strategic working relationships with technical architects, engineering teams, and businesses to inform them of IT controls or requirements as well as ensure security standards are being met. Assist with regulatory related projects such as gap assessments, annual audits, and remediation tracking. Provide security and compliance consultation on new projects pertaining to PCI DSS, cloud security, data privacy, HIPAA, SOX, etc. Assist in third party risk management assessments to evaluate the security of vendors and hosted solutions based on approved information security standards.
Qualifications
Bachelors degree in management information systems, Computer Science, Information Security, or other analytical disciplines or equivalent experience 4+ years of combined experience in Information Security, Compliance, Technology Audit, or a related field 2+ years of experience with security control frameworks such as ISO 27001, COBIT, NIST, PCI DSS, HITRUST, SOX, HIPAA, etc. 6+ years of combined experience in Information Security, Compliance, Technology Audit, or a related field Successful completion of one or more of the following certifications: CISA, CISM, CRISC, CCSP, and/or CISSP Operating system and cloud security experience Experience evaluating the security infrastructure for large enterprise merchants or service providers General understanding of networking and firewall concepts Working knowledge of audit methodologies, security assessment tools and monitoring methodologies
#J-18808-Ljbffr