Cybersecurity Vulnerability Analyst

Compass Group The Americas Division
Charlotte, NC
19 Jun 2024

Vacancy expired!

Compass Corporate A family of companies and experiences

As the leading foodservice and support services company, Compass Group USA is known for our great people, great service and our great results. If you've been hungry and away from home, chances are you've tasted Compass Group's delicious food and experienced our outstanding service. Our 225,000 associates work in award-winning restaurants, corporate cafes, hospitals, schools, arenas, museums, and more in all 50 states. Our reach is constantly expanding to shape the industry and create new opportunities for innovation. Join the Compass family today!

great people. great services. great results.

Each and every individual plays a key role in the growth and legacy of our company. We know the next big idea can come from anyone. We encourage developing and attracting expertise that differentiates us as a company as we continue to raise the bar.

Job Summary

This hands-on senior analyst position will serve as part of the Compass Group North America technology integrations team, providing oversight, coordination, and delivering the activities supporting successful cyber risk identification and management activities around acquired entities for Compass. A key function of this job will be to assess and report the cyber control status and security posture of both pre-acquisition and post-transaction companies for cloud, network, key application, and infrastructure domains. This position will coordinate with multiple stakeholders who work with acquired entities to ensure appropriate processes, procedures and controls are adequately designed, implemented or remediated to meet Compass Key control requirements and mitigate any risks that are associated to or with third parties.

Responsibilities:

• Perform risk/security assessments of acquired entities to identify, validate and remediate risks. This may include performing interviews, document design assessments and walkthroughs of Key IT Controls. This includes effective operation of vulnerability scanning tools from both external and internal IPs, understanding authenticated vs unauthenticated scanning, and accurately interpreting scan results to quantify cyber risk. In some cases, this may also involve actual control testing to validate questionnaire responses or other control status attestations.• Lead PCI-related readiness activities to ensure compliance with PCI requirements when the acquired entity operates in-scope of the PCI Data Security Standard. • Engage with Enterprise Architecture, Infrastructure Engineering, and Security Architecture teams to help develop remediation plans and target architectures for acquired entities.• Exhibit pragmatism in formulating remediation and implementation strategies, defining work tracks, and submitting assessment findings and recommendations with a prioritized and business-aware approach to reducing cyber risk.• Develop trusted relationships with Business Partners, IT Executives, Security & Compliance Officers and other team members to gain consensus approvals on strategies, recommendations, findings and project plans etc.• Have an understanding of the broad regulatory landscape affecting Compass business areas; remain current with emerging regulatory requirements as well as solution trends in the marketplace.• Have an understanding of emerging technologies including but not limited to mobile

Qualifications:

• 3+ years experience conducting vulnerability scanning• 3-5 years experience as a security analyst performing full stack information security operations (including vulnerability management, cloud security, network security tools (ie: reverse & forward proxies, firewall), and endpoint security tools (EDR, antivirus, etc.)• 3+ years experience conducting cloud-based cyber vulnerability assessments• 3+ years experience with mergers & acquisitions (participating in M&A activity - primarily on the acquisition side)• 2+ years experience with AWS, Azure, Google Cloud Platform security• 2+ years experience with regulatory frameworks PCI, FISMA, FedRAMP, PCI, GLBA, GDPR, SOX, SOC1, SOC2, PSD2• Bachelor degree in Computer Science, Information Systems, Management Information Systems, or Business Administration or other related field. (Master degree is preferred.) Significant and relevant technical experience meeting the job description may be substituted for degree requirements.

Apply to Compass Group today!

Click here to Learn More about the Compass Story

Compass Group is an equal opportunity employer. At Compass, we are committed to treating all Applicants and Associates fairly based on their abilities, achievements, and experience without regard to race, national origin, sex, age, disability, veteran status, sexual orientation, gender identity, or any other classification protected by law.

Qualified candidates must be able to perform the essential functions of this position satisfactorily with or without a reasonable accommodation. Disclaimer: this job post is not necessarily an exhaustive list of all essential responsibilities, skills, tasks, or requirements associated with this position. While this is intended to be an accurate reflection of the position posted, the Company reserves the right to modify or change the essential functions of the job based on business necessity. Los Angeles applicants: Compass Group will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring (Ban the Box ordinance)

Positions at this location may require a COVID-19 vaccination and/or regular COVID testing. Where permitted by law, applicants who are offered a position for this location may be asked about their vaccination status, which must meet minimum business requirements. All religious, medical, or other legally recognized exemptions regarding vaccination status will be considered.

Associates at Corporate are offered many fantastic benefits.
  • Medical
  • Dental
  • Vision
  • Life Insurance/ AD
  • Disability Insurance
  • Retirement Plan
  • Paid Time Off
  • Holiday Time Off (varies by site/state)
  • Associate Shopping Program
  • Health and Wellness Programs
  • Discount Marketplace
  • Identity Theft Protection
  • Pet Insurance
  • Commuter Benefits
  • Employee Assistance Program
  • Flexible Spending Accounts (FSAs)
Req ID: 984888

Compass Corporate

Christopher McMullens

[[reqclassification]]
  • ID: #43305589
  • State: North Carolina Charlotte 28201 Charlotte USA
  • City: Charlotte
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2022-06-19
  • Deadline: 2022-08-17
  • Category: Et cetera