Cyber Security Information and Risk Management Engineer II

Build a Bigger, Better, Bolder Future:

Imagine working for a company that measures its success based off the growth of its colleagues, a company that invests in its future by investing in you. Little Caesars is a company where our colleagues make an impact.

Your Mission:

The Cyber Security Information and Risk Management Engineer will identify, evaluate, and prioritize cyber risks and manage third-party risks, as well as assist in the management of security controls over information throughout its lifecycle. The Engineer will focus primarily on the maintenance of an effective risk program and facilitate the identification of risks, ensuring proper mechanisms are in place to mitigate risks in a manner consistent with global cybersecurity standards. This role will collaborate with colleagues to develop risk-related security policies and standards, risk frameworks, and processes in an innovative and flexible way.

This role will work closely with various business units to implement the procedures and controls necessary to protect organizational assets, information systems, and data. This position will interface with all levels of the organization and have access to security-sensitive information.

How You’ll Make an Impact:

• Coordinate with internal business units to assist in the development of an effective cyber risk management program
• Manage and mature a risk framework and processes that allow for effective cyber risk monitoring, management, and reporting
• Perform cyber risk assessments, evaluate, and prioritize cyber risk management activities across the organization
• Develop, implement, and perform third-party cyber security risk assessments based on cybersecurity standards
• Review third-party contracts and ensure they are in line with our organization’s cyber risk tolerance
• Ensure third-party vendors are aware and comply with our organization’s Cybersecurity policies and standards. Work with Legal to ensure cybersecurity requirements and external regulatory mandates are properly addressed in legal contracts
• Oversee the security of sensitive data across the organization and support in the design and implementation of information management controls to address identified risks
• Develop, enhance, and maintain Key Risk Indicator (KRI) framework and reporting
• Work closely with leaders in IT and Operations functional areas to ensure security standards, policies, and procedures are deeply embedded and understood
• Develop and maintain our organization’s ability to track any outstanding findings, issues, or observations from external and internal assurance and oversight groups
• Responsible for keeping abreast of the latest trends in governance, cybersecurity, risk, and compliance management

Who You Are:

• Bachelors’ degree in Information / Data Management, Systems Engineering, Computer Engineering, Computer Science, or other closely related disciplines
• Minimum of four (4) years experience in security functions, including risk management, information security, privacy or data protection or assurance-related function
• Technical and Functional experience in the domains of Governance, Enterprise Risk Management, and Regulatory Compliance
• Proven understanding of risk assessment methodologies, frameworks, and procedures and the ability to work flexibly with them to meet organizational size, maturity, and culture considerations
• Facilitates IT governance implementation
• Experience building a network of relationships across functions and liaising with senior management
• Ability to think strategically about security risks and tie those to tactical organizational activities
• Demonstrated ability to prioritize and execute tasks in a high-pressure environment
• Requires self-motivated approach to work with keen attention to detail
• Evidence of ability to work in a team-oriented, collaborative environment with minimal oversight, and ability to work well under tight deadlines and effectively interact with a wide range of personnel
• At least one of the following certifications is required or must be obtained within your first 12 months of employment: CRISC, CISA, CISM, CISSP or CIPP
• Experience working with a Governance Risk and Compliance tool
• Experience with technical documentation related to GDPR, PCI DSS, ISO 27001, NIST CSF, SOC 2 and continuous monitoring
• Demonstrate strong verbal and written communication skills as well as strong analytical and problem-solving abilities
• Proven knowledge of information management, asset management, data classification, and vulnerability resolution techniques
• Ability to work independently or as a member of a team on various tasks
• Proven ability to effectively research subject matter

All items listed above are illustrative and not comprehensive. They are not contractual in nature and are subject to change at the discretion of Little Caesars Enterprises Inc. 

Little Caesar Enterprises, Inc. is an Equal Employment Opportunity employer. All qualified applicants will receive consideration for employment without regards to that individual’s race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender identity, age, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law. 

The Company will strive to provide reasonable accommodations to permit qualified applicants who have a need for an accommodation to participate in the hiring process (e.g., accommodations for a job interview) if so requested. 

This company participates in E-Verify. Click on any of the links below to view or print the full poster. E-Verify and Right to Work.

PRIVACY POLICY

Read Full Description