GRC Analyst at SUPERVALU Holdings Inc in Eden Prairie, Minnesota

Job Description:

This position can be based in Eden Prairie, MN or Providence, RI

Job Overview: 

The Cyber Security GRC Analyst plans, performs, and monitors access reviews, assists in 3rd Party Vendor risk follow-up, as well as on-boards new applications into the Enterprise Identity and Access Management solution (SailPoint).  Performs assigned portions of Cyber Security Governance Risk & Compliance programs in accordance with departmental standards.

Job Responsibilities and Accountabilities: 

• Prepares files and facilitates quarterly access review process.


• Performs and documents compliance projects in accordance with approved compliance program and department and professional standards within budgeted timeframes.


• Assists in Third Party Vendor Assessment Risk follow-up.


• Coordinates the on-boarding of applications into to Enterprise Identity and Access Management solution (SailPoint).


• Performs other relevant job duties as required.

Job Requirements:  

• Ability to manipulate and analyze data to translate it into data file requirements, including testing for completeness of the output.


• Three to five years of experience in security governance, risk, and compliance, audit, or related field required.


• Bachelor's degree in Computer Information Systems, Information Technology, or Audit.


• Must possess a basic understanding of security threats, operating systems, operations, databases, and logical security.


• Must be capable of working under close supervision and conducting assignments as required.


• Requires excellent analytical and communications skills to learn customer business objectives, evaluate risks and plan control compliance and other activities.


• Flexible and adaptable to learning and understanding new technologies.


• Excellent written and verbal communication skills, a high degree of personal integrity, attention to detail and strong investigative skills.


• Proficient in MS Office tools (Excel, Word, Access, etc.).


• General knowledge of Sarbanes-Oxley (Required), PCI-DSS (Desired), HIPAA (Desired), and Privacy (Desired).


• Must be able to work in a fast-paced environment and manage multiple projects concurrently.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, disability, or protected veteran status. UNFI is an Equal Opportunity employer committed to creating an inclusive and respectful environment for all. - M/F/Veteran/Disability. VEVRAA Federal Contractor.