INFORMATION SECURITY THIRD PARTY RISK ANALYST

JOB DETAILS

Domino’s Pizza, which began in 1960 as a single store location in Ypsilanti, MI, has had a lot to celebrate lately: we’re a reshaped, reenergized brand of honesty, transparency and accountability – not to mention, great food! In the rise to becoming a true technology leader, the brand is now consistently one of the top five companies in online transactions and 65% of our sales in the U.S. are taken through digital channels. The brand continues to ‘deliver the dream’ to local business owners, 90% of which started as delivery drivers and pizza makers in our stores. That’s just the tip of the iceberg…or as we might say, one “slice” of the pie! If this sounds like a brand you’d like to be a part of, consider joining our team!

QUALIFICATIONS

Required Technical Skills

• Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
• Ability to conduct assessments, including analyzing test data and rendering conclusions. Skill in using data mapping, analysis, and visualization tools. Skill in conducting assessments of technical systems. Skill in assessing security controls based on cybersecurity principles. Understands impact/risk assessments and root cause analysis.
• Ability to understand cyber security impact to organization and how to apply cybersecurity principles to organizational requirements (relevant to confidentiality, integrity, availability).
• Ability to communicate complex information in a clear, concise and organized manner. Demonstrates skill in managing client relationships and expectations and demonstrating commitment to delivering quality results.
• Ability to apply critical thinking to evaluate information for reliability, validity, and relevance. Ability to function in a collaborative environment, seeking consultation with analysts and experts to leverage technical expertise.
• Knowledge of risk management processes, cybersecurity and privacy principles, and cyber threats and vulnerabilities.
• Knowledge of information classification concepts. Knowledge of principles for managing risks related to handling of data and information.
• Knowledge of applicable business processes and operations of customer organizations.
• Skill in interfacing with customers.
• Ability to tailor technical and planning information to a customer’s level of understanding.
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
• Knowledge of secure software deployment methodologies, tools, and practices, and application security risks.
• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of new and emerging information technology (IT) and cybersecurity technologies.

Qualifications 
Core Qualifications

• A bachelor’s degree in computer science, information systems, business, or other related field; or equivalent work experience.
• 2 to 3 years of general information technology work experience (more than 1 year of information security third-party cyber risk work experience is preferred).
• CISSP, CISA, CISM, CRISC, CGEIT or other relevant certifications is desired but not required.

Additional Information

As Domino’s continues to mature the information security program, we recognize the value of an Information Security Third-Party Risk Analyst as one of the key enablers of such a program.
The position is a critical member of the Information Security team. The role will report directly to the Information Security Governance, Risk & Compliance Manager, and will work closely with various Information Security personnel in the organization. The role is also expected to establish a strong working relationship with various Domino’s team members.

The position will play an important role in the Domino’s third-party cyber risk management. The position will work closely with other Team Members within the Information Security team. The position is expected to collaborate with other functions within the Domino’s Technology department and other Domino’s business units.
The position will work with the Information Security Leadership team, all functions within the Information Security organization, the broader Domino’s Technology department, Domino’s vendors/suppliers, and various business units.

The candidate is expected to have proven knowledge and experience in information security, information technology, third-party cyber risk management, privacy, and business field.

Responsibilities and Duties

• Perform initial risk reviews on new vendor relationships based on services provided and potential risk areas identified.
• Work directly with the business to coordinate remediation efforts on issues identified during risk reviews.
• Work with the customer on performing self-assessments for existing vendors.
• Regular monitoring and reporting of vendor risks via dedicated dashboards and internal reporting.
• Coordinate periodic business reviews with key customers/departments.
• Work with the GRC team to ensure the annual functional goals are met.
• Obtain and maintain deep understanding of Infosec technologies, processes, capabilities, and services.
• Act as a liaison between Infosec, the rest of Domino’s Technology team, and business; develop and maintain strong relationship with key customer contact.
• Serve as a consultant and trusted advisor to the customer.
• Regularly update the Third-Party Risk Lead and Manager on status’ of open risk reviews and other projects.

Required Core Competencies
The team member is expected to possess the relevant leadership competencies, including the following:

• Follows through on commitments, acts with integrity and takes personal responsibility for decisions, actions, and failures, establishes clear responsibilities and processes for monitoring work and measuring results
• Assumes positive intent of others, works cooperatively with others across the organization to achieve shared objectives, represents own interests well while being fair to others and their areas, partners with others to get work done, credits others for their contributions and accomplishments, gains trust and support of others
• Shows personal commitment and takes action to continuously improve, accepts assignments that broaden capabilities, demonstrates curiosity and openness to differences, new ideas and thinking, demonstrates vulnerability, including a willingness to ask for help or acknowledge mistakes.
• Gains insight into customer needs, identifies opportunities that benefit the customer, builds and delivers solutions that meet customer expectations, establishes and maintains effective customer relationships.
• Promotes information sharing, collaboration, and transparency.
• Aligns and supports leadership strategic directives and contributes to team’s objectives.