Skip to main content

Sr. Vulnerability Management Analyst

Apply Now
Job ID REG02253 Date posted 06/04/2020 Location : Hopkins, Minnesota | Canada |  |
Position Purpose & Summary

The primary role of the Technology Governance Risk & Control (TGRC) –Vulnerability Management Analyst is to drive process and execution of discovery, reporting, prioritization and remediation of vulnerabilities across disparate spaces including, but not limited to, operating system (i.e. Windows, Unix, Linux), application, network, and  database vulnerabilities.  The  Vulnerability Management Analyst will drive a program to deliver a portfolio that adheres to TGRC policies and standards. This is inclusive of Cargill managed and third party applications and services.

This role will put into place a plan and process for vulnerability and patch remediation action plans, risk assessments and drive execution of any remediation actions.

Act a liaison in support of vulnerability assessment, remediation, and ownership. In partnership with the Enterprises/Regions, the TGRC – Vulnerability Management Analyst will provide guidance and solutions to facilitate the assessment and alignment of application services, vulnerability management, and risk awareness to the information security objectives.

This role will define and execute the process for capture, calculation, consolidation and presentation of vulnerability metrics for the enterprise.

Principal Accountabilities

50% Program Execution
  • Provide analysis of threats to the environment, understanding of risks and mitigating controls, priotitization and coordination of resulting actions.
  • Monitor and align information security objectives to external regulations
  • Monitor for and review vulnerabilities for impact to systems and network
  • Production of metrics and reporting; risk, capabilities, dashboard, compliance
  • Definition and maintenance of operational model; Global playbook, Stakeholders, RASCI, escalation paths and risk reporting
  • Interact, collaborate, and coordinate with vulnerability management tool vendors and intelligence sources.
  • Facilitate proactive remediation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to the computing environment and communicating applicable vulnerabilities and recommended corrective actions to impacted teams.
25% Business Alignment
  • Lead enterprise Vulnerability Management programs; mission critical applications and vulnerabilities, ownership, access, and classification. Gap analysis; current to goal state, benchmarking against peers, industry and regulations
  • Bridge gaps and influence change when and where needed
25% Planning
  • Responsible for strategy and operations related to detecting and mitigating security vulnerabilities
  • Help enhance the long term vulnerability management strategy that will encompass shifting technologies and address information security needs
  • Develop alignment strategies for configuration base lines and interoperations for vulnerability management into broader IT processes.
This position is open to candidates based in U.S. & Canada. Position has ability to be 100% remote for the qualified candidate.

Relocation is not provided for this position, given the remote option noted above.

#LI-HS1

Required Qualifications
  • Bachelor’s degree  or equivalent I/T experience considered in lieu of degree.
  • 8 + years of broad I/T experience.
  • 4 + years of broad I/T security experience.
  • Previous experience with compliance frameworks, their implementations and driving an organization to adhere both to compliance requirements and appropriate security standards.
  • Strong knowledge on Vulnerability Management & remediation of OS, App, Network & DB vulnerabilities.Strong knowledge of industry standards regarding vulnerability management including Common Vulnerability Scoring System (CVSS), Common Vulnerability and Exposures (CVE). 
  • Ability to learn on the fly, manage through systems and common processes, and have sufficient overall intellectual horsepower to address the demands of the team.
  • Exceptional teaming skills encompassing cross-functional teams, peer relationships, informing, and understanding and appreciating differences.
  • Excellent communication skills encompassing inter-personal communications, persuasion and influencing skills, security communications in business terminology.
  • Effective communication with senior leadership and medium to large audience discussions/presentations.
  • Strong conceptual understanding of application & vulnerability management as applied to business processes
  • Proven record of high performance in problem solving, collaborating, planning/priority setting, timely decision making, perseverance, and a drive for results.
  • Very strong interpersonal skills in terms of effective listening, patience, composure, and conflict management.
  • Ability to travel 5% - 10% (domestic and international)
  • CISSP/CISA/CISM or equivalent security certification
  • Vulnerability Management tools (e.g. Tenable, e.g. Qualys, e.g. McAfee, etc.)
Preferred Qualifications
  • Knowledge / experience in developing secure code.
  • Experience working with outsourced operational teams.
  • Experience working in an ICS environment (control systems within the plant)
Apply Now

Linkedin Job Matcher

Find where you fit in at Cargill. Log in to connect your LinkedIn profile and we’ll use your skills and experience to search the jobs that might be right for you.

Find Your Match

Sustainable
Cocoa

The Cargill Cocoa Promise is committed to securing a thriving cocoa sector for generations.

Learn More (Sustainable Coco)

Inclusion
& Diversity

Our inclusive culture helps us shape the future of the world.

Learn More (Inclusion & Diversity)

Life at
Cargill

Discover how you can achieve your higher purpose with a career at Cargill.

Learn More (Life at Cargill)

No recently viewed jobs are here...yet.

Please browse the jobs available on this site. Then, you will see those recently viewed jobs here.

Thrive