If you are currently employed at Smithfield, please log into Workday and submit your application through the Jobs Hub.

A great job-and a great future-awaits you at Smithfield Foods. We're an $18 billion U.S. food company with nearly 60,000 employees worldwide. We're looking for motivated people who want to join our team and grow lasting and meaningful careers with us. Join our family today. Apply Now!

Your Opportunity

Our team members receive industry-competitive salaries and are eligible for great benefits packages:

• Competitive Pay

• Annual Bonus Earning Potential

• Comprehensive Health Insurance, Retirement Benefits and More

• Education benefit available to full and part-time Smithfield team members on their first day of employment.

In addition, we offer opportunities for career growth, professional development, and tuition assistance.

The position summary states the general nature and purpose of the job. Overall accountabilities are defined in this section.

The Cybersecurity Controls Analyst is responsible for executing various security control initiatives such as risk assessments, security control assessments, and 3rd party risk assessments.

The position aims to provide skilled technical and information security expertise for developing and implementing the cybersecurity risk management program. Responsibilities require project management experience, as well as: the ability to ensure practical system-wide security analysis, control testing, risk assessment, awareness & education, and development of policies, standards, and guidelines.

A qualified candidate will support the establishment, execution, and maintenance of the Company's cybersecurity GRC program. This person will use strong communication, analytical, and troubleshooting abilities to identify and report on controls from various security domains, control and/or process gaps, and to identify process and technology opportunities.

This position supplies the information necessary to manage the risk to the organization and ensures business alignment, effective governance, system and product availability, integrity, and confidentiality. Success in this role requires collaborating with multiple levels of the organization, weighing risk against the impact on business operations.

Core Responsibilities

• Review, audit, and monitor security compliance programs against security policies, standards, and frameworks such as SOC2, ISO 27000, NIST CSF, PCI-DSS, etc.

• Support developing remediation plans for issues and risks, coordinate activities with owners, and track remediation to completion.

• Conduct periodic information security risk assessments.

• Aid in documenting and maintaining identified risks in a risk register within the GRC system throughout the risk lifecycle (i.e., identified and resolved)

• Support documentation management such as security policies, standards, processes, procedures, and data flows.

• Lead evidence collection for external audits related to SOC2, ISO 27000, NIST CSF, PCI-DSS, etc.

• Perform vendor security risk assessments.

• Build and cultivate positive working relationships with stakeholders across various teams.

• Assist Cybersecurity Engineers in reviewing new technology and service initiatives to ensure controls align with internal and external requirements.

The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. May perform other duties as assigned.

Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals to perform the essential functions.

• Bachelor's Degree from an accredited four-year college or university in cybersecurity, computer science, information technology, business, information security, or related field and 2+ years of cybersecurity experience or related IT field, preferably in cyber risk management; or equivalent combination of education and experience.

• Information security-related certifications such as CISSP, CISM, or CRISC are preferred.

• Basic knowledge of security technologies such as firewalls, IDS, DLP, Vulnerability Scanners, etc.

• Ability to develop security standards and guidelines based on best practices and industry standards.

• Excellent interpersonal, communication, and presentation skills, including formal report-writing experience.

• Working knowledge of cybersecurity frameworks and compliance standards such as NIST, ISO 27000, SOC2, etc.

EEO/AA Information

Smithfield is an equal opportunity employer committed to workplace diversity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, gender identity, protected veterans status, status as a disabled individual or any other protected group status or non-job characteristic as directed by law.

If you are an individual with a disability and would like to request a reasonable accommodation for any part of the employment selection process, please call us at 757-357-1595.

Salary Range