Sr Risk Expert Cybersec-WMTech

Sr Risk Expert Cybersec-WMTech

What you'll do

Monitors, analyzes, and remediates IT security risks and vulnerabilities by adhering to defined operating procedures; reviewing metrics to identify
outliers, inefficiencies, and non-standard actions associated with operational processes and reporting the findings; identifying improvement
opportunities and providing feedback to senior team members and management; and participating in meetings for any initiatives or tasks that will alter current processes.

Analyzes and identifies risk by understanding basic and complex factors of influence to impact and likelihood; building working knowledge and
relationship between risk and governance; building expertise in risk analysis in multiple layers of security specialty (for example, Physical,
Governance, Technical, etc.); developing risk mitigation strategies for identified vulnerabilities; representing risk in multiple areas or domains; defining
risks based on criticality, frequency, or level of impacts; and reporting to senior and executive management risk issues and observations that could
lead to missing strategic goals related to governance.

Builds, maintains, and expands vendor relations by preparing and executing request for proposals (RFPs); facilitating the vendor selection process;
reviewing statements of work; ensuring compliance to vendor contracts; and reporting on vendor contract execution.

Leads the implementation of security governance by leading governance strategy; ensuring familiarity with Walmart Information Security policies,
standards, procedures and best practices; modeling various governance concepts (for example, ITIL, COBIT, Six Sigma, CMM); developing
recommended remediation for gaps in security governance and policies through collaboration and consensus building; enforcing all information
technology policies and procedures; comparing and contrasting Walmart practices and industry standards; reviewing governance broadly for overlap
and inconsistencies of operational, security, and management practices; reporting to executive management those identified governance issues
leading to missing strategic goals related to governance; and tracking pending legislation to analyze potential impact to business operations.

Oversees multiple compliance efforts by monitoring the implementation of specific information security controls; ensuring expertise with regulatory
concepts (for example, ISO, SOX, PCI, HIPAA); managing multiple compliance assessments and remediation processes; identifying security
compliance assessment and remediation process improvement; defining and/or implementing solutions to assess compliance and reduce risk;
coordinating and communicating enterprise compliance assessments and remediation processes; and presenting results and analysis of assessment
and remediation activity relevant to missing strategic goals related to GRC to senior and executive management.

Leads the execution of basic and complex security initiatives by prioritizing critical issues for root-cause analysis; ensuring resolution of critical issues;
monitoring progress versus plan; conducting business and technical design sessions; escalating complex or difficult issues; utilizing scope-change
orders to track changes to the project; tracking expenditures and budgets; providing informational presentations; managing stakeholder expectations;
holding self and project team accountable for project delivery; and developing performance reports.

Drives the execution of multiple business plans and projects by identifying customer and operational needs; developing and communicating business
plans and priorities; removing barriers and obstacles that impact performance; providing resources; identifying performance standards; measuring
progress and adjusting performance accordingly; developing contingency plans; and demonstrating adaptability and supporting continuous learning.

Minimum Qualifications

Bachelor’s degree in Computer Science, Information Technology, Engineering, Computer Information Systems, or risk related field and 7 years
experience in information technology or risk related field within the last 11 years OR 9 years experience in information technology or risk related
field within the last 11 years.

Additional Qualifications

3 years experience in investigations, audits, or assessments, evidence handling, and document collection and retention consistent with judicial best

3 years experience with risk frameworks (for example, COBIT, ISO 27005, etc).

3 years experience with current and emerging technologies (for example, mobile, cloud, federation, network, cryptography, firewalls, security
technologies, intrusion detection/prevention devices, penetration testing, architecture).

CISSP, CISA and other related certifications.

3 years experience with PCI/ISO/HIPAA/SOX compliance/reporting process.

6 years experience designing and implementing technical solutions.

6 years experience creating and presenting technical strategies and technical solution recommendations.

6 years experience leading cross-functional teams.

6 years experience integrating new technologies into existing technology portfolio.

3 years experience working in a global environment.

Multi-lingual in any or all of the following: Spanish, Portuguese, Mandarin Chinese, Japanese.

Experience leading initiatives engaging team members across multiple foreign countries.
Walmart Associate
"I feel like my manager wants to help me become a better developer and a better person overall."
— Roel, Program Analyst

Hello, NW Arkansas

With over 200 miles of trails, an emerging locally-sourced food scene, the world-renowned Crystal Bridges Museum—NWA has something for everyone.

Discover NW Arkansas
Northwest Arkansas
Photo of Northwest Arkansas

All the benefits you need for you and your family

  • Multiple health plan options
  • Vision & dental plans for you & dependents
  • Associate discounts in-store and online
  • Financial benefits including 401(k), stock purchase plans and more
  • Education assistance for Associate and dependents

Recently viewed jobs