Job Description
Senior Analyst - Cybersecurity (Risk Management & Compliance)
Location: Krakow, Poland (Hybrid)
Type: Full-time employment
Shift: [2:00 PM-10:00 PM CET, 7:00 AM-3:00 PM CDT] with flexibility
This position is with the Cyber Governance Compliance & Risk Management Team at Sysco to manage and support the Cyber Risk Management and Compliance areas. You’ll work closely with the compliance team to hone and deliver our GRC program while also working alongside Technology and Business teams to help integrate security best practices into their processes to ensure consistent adherence to controls. Additionally, you will assist in developing cyber security requirements, conducting cyber risk assessments, evaluating security services and technologies, and reviewing and documenting information security policies and procedures.
Responsibilities
- This position is an experienced level, hands-on Senior Analyst Cyber Risk Management & Compliance, performing IT security functions and maintaining systems, while providing technical guidance to the team
- The GRC analyst will be responsible for leading the day-to-day cyber compliance, data governance, and cyber risk management functions.
- The role will include responsibility for defining, creating, and managing cyber and organizational policies and standards in support of legal and regulatory compliance including PCI, NACHA as well as general cyber and organizational information security practices.
- The Senior analyst will participate in process improvements to the RSA Archer Platform
- Collaborate with stakeholders, business analysts, process leaders, and architects in interpreting requirements and configuring them into software platforms.
- Execute cybersecurity risk assessment and control attestation processes in GRC.
- Participate in the development and implementation of the system-wide risk management function of the information security program to ensure cyber security risks are identified and monitored.
- Participate in the system-wide information security compliance program, ensuring cyber activities, processes, and procedures meet defined requirements, policies and regulations.
- Monitor, track and manage Cyber Findings, Exceptions and Issue tracking along with reporting them to respective teams.
- Candidate should be able to provide GRC guidance and interpretation of rules, regulations, risks, and best practices.
- Ability to trouble shoot, identify, analyze and mitigate GRC related risks in existing processes, policies and procedures.
- Review control effectiveness evidence to assess the quality and effectiveness of the implemented controls.
- Document residual risk.
- Prepare and communicate operational metrics and trend analysis for the Cybersecurity Leadership Team
Qualifications
- Bachelor’s and Seven (7) years or more of related experience
- 5+ years of experience in GRC, risk management and/or policy management
- 5 years of experience in risk assessment, IT policy, compliance requirements
- 5 years of experience with RSA Archer or other GRC Tools/Platform.
- Strong understanding of cybersecurity frameworks, regulatory compliance standards, and enterprise risk management practices.
- Excellent communication skills in English (B2+ or higher) and ability to collaborate across functions and geographies.
Why Join Us
- Be part of a global cybersecurity team protecting a dynamic enterprise environment.
- Opportunity to work with modern security technologies and drive tool innovation.
- Collaborative culture with professional development opportunities.
- Hybrid work model with our Kraków office as the primary location.
