Information Security Risk Analyst

About ADM :

We are one of the world’s largest nutrition companies and a global leader in human and animal nutrition. We unlock the power of nature to provide nourishing quality of life by transforming crops into ingredients and solutions for foods, beverages, supplements, livestock, aquaculture, and pets.

About ADM India Hub :

At ADM, we have long recognized the strength and potential of India’s talent pool, which is why we have maintained a presence in the country for more than 25 years. Building on this foundation, we have now established ADM India Hub, our first GCC in India.

At ADM India Hub, we are hiring for IT and finance roles across diverse technology and business functions. We stand at the intersection of global expertise and local excellence, enabling us to drive innovation and support our larger purpose of unlocking the power of nature to enrich quality of life.

Security Governance Analyst

Position Summary :

This role will report to the Director Security Governance & Awareness within Global Information & Cyber Security as a member of the security governance team to help with governance of the Information Security program and security risks. Together with the Director Security Governance & Awareness, this role will reduce risk by continuously reviewing, refining, and recommending improvements to the Information Security operating model, policies, standards, and processes and provide reporting and recommendations to the CTO, CISO, and senior leadership.

Job Responsibilities :

• Develop, maintain, evaluate and implement policies and procedures aligned with both business requirements and legislative changes, (i.E. ISO 27001 / 27002, COBIT 5, NIST CSF, NIS2, GDPR).
• Collaborate with subject matter experts to write policies and standards in line with the ADM Control Framework, based on NIST CSF, ISO 27001 / 27002, SCF (Secure Controls Framework).
• Lead control assessment activities addressing security and regulatory requirements, engaging appropriate business units and personnel to plan and execute the ADM Control Governance program, documenting gaps / vulnerabilities and driving risk identification and intake.
• Manage and maintain GICS SharePoint sites for security awareness, policies, standards, training, newsletters and reporting of threats.
• Implement security policies and standards aligned with enterprise objectives.
• Collaborate with subject matter experts to align security and compliance requirements with emerging business needs.
• Participate in the development and implementation of security awareness program training, materials, and events. Develop and deliver content to educate the business about the ADM Control Framework and other organizational programs.
• Manage Global Information & Cyber Security SharePoint Site, Yammer and Social Chorus, including all security awareness newsletters, videos, promotions, team updates, policies and standards.
• Develop and communicate guidelines for enterprise security practices.
• Assist with control design and implementation for the ADM Control Framework, including tracking and reporting progress, security control gaps, and metrics.
• Proactively identify and collect appropriate and meaningful metrics to be reported in order for the business leaders to make appropriate risk-based decisions.
• Monitor compliance with security policies and standards across the organization utilizing reporting and metrics, driving process improvement.
• Compile, review, and analyze security information to provide recommendations, metrics, and reports for management review and decision making.
• Facilitation and management of security policies, policy exceptions, standards, procedures and guidelines.
• Document and track requests for variance from standards. Monitor risk mitigation processes and progress until variances are closed.
• Actively stay aware of processes and methods for identifying and addressing non-compliance to information security standards and communicate the findings clearly to business areas.
• Collaborate with key business units and capability stakeholders, including, but not limited to, Privacy, IT, Internal Audit, InfoSec, Corporate Security, and HR to develop and improve Information Governance across the enterprise.
• Establish security metric baselines and generate reports reflecting current performance against those baselines using Power BI.
• Document narrative summary and analysis of the metrics.
• Review, track and update company standards for compliance to legal and regulatory requirements. Work with subject matter experts to maintain documentation;

modifies or creates newsecurity standards as needed.

Job Requirements :

strong presentation andreporting skills. Proficient in technical writing and leveraging various creative mechanisms to communicate to diverse audiences.

Desired Skills :