Sr. Security Risk Engineer, Global InfoSec WFM GRC Team

Job Description

Job summaryAre you passionate about translating technical risks to actionable remediation Would you like to build and mature the security risk management program for Whole Foods Market into a best-in-class organization At Whole Foods we need exceptionally talented, bright, and driven people. Whole Foods is the world s largest provider in natural and organic groceries, and we are passionate about our mission, and protecting our customers information. We want someone ready to partner across our cutting-edge technology and security engineering groups to lead and execute our Security risk management program. The right person will bring a unique approach to identifying and managing Security risks, refine strategy, oversee the execution of risk programs, and become the SME for Security risks in leadership conversations.This role is the face of risk management to our partners and stakeholders throughout Whole Foods and Amazon. You will oversee the execution of security risk evaluations, ensure we identify and surface risks quickly, and validate and drive remediation across Whole Foods Market s business. You will dig deep into areas of concern, evaluate the overall risk posture of technology teams and business lanes, identify the full range of risks related to technology, processes or programs, and translate those technical risks into business language. The output of this role will enable Amazon and Whole Foods Management to drive sound risk-tradeoff discussions. You should be comfortable interacting with technical security engineers as well as technology and business leadership. You need a solid technical background and the proven ability to manage IT risks end-to-end.Key Activities:
• Refine risk management strategies to ensure key Security risks are captured and actioned
• Identify gaps in Technological architectures, systems controls and develop solutions to remediate those gaps.
• Assess the risk from security deviation and exceptions.
• Dive deep with threat modeling, data flows.
• Oversee the execution of risk assessments for security and technology risks
• Identifies gaps in controls and processes
• Develop and deliver risk and finding dashboards and reporting
• Oversight and management of risk management tools
• Implementation of automated risk scoring where possible
• Continuous improvement of program, recommends improvements to drive program efficiencies
• Maintains subject matter expertise in security risk and control
Key job responsibilitiesThis role will specialize in all aspects of information security management as well as business and regulatory compliance using cloud services in large-scale computing environments.,
• Bachelor s degree in Management Information Systems, Computer Science, or related field, or relevant industry experience
• 6+ years of information security, audit, risk management, compliance or risk consulting experience
• Excellent written and verbal communication skills
• SME in risk management, business risk analysis, and making complex business/risk trade-off recommendations and decision
• In-depth knowledge of security compliance, risk management and technical frameworks
• Maturity, judgment, and proven ability to lead and influence others
• Independently driven, resourceful, and able to deliver results with minimal direction
• High sense of ownership, urgency, and drive
• Leadership-level communication (written and verbal)
• Masters degree in Business Administration, Information Systems, related field, or equivalent practical experience
• Experience working with Engineer and Architects
• Relevant Industry Certifications (CISSP, CISA etc.)
• Experience working with IT-GRC tools
• Experience implementing automated risk scoring
• Experience working with IT-Risk Frameworks (NIST, ISO-27X etc.)
• Meets/exceeds Amazon s leadership principles requirements for this role
• Meets/exceeds Amazon s functional/technical depth and complexity for this role

Keyskills :
whole foodsqualityengineeringinsurancerisk analysiscustomer relations