• Job Description

  Req#: R147086

  At Hy-Vee our people are our strength. We promise “a helpful smile in every aisle” and those smiles can only come from a workforce that is fully engaged and committed to supporting our customers and each other.

  Job Description:

  Hy-Vee, Inc.

  Job Title: IT Security Auditor

  Department: IT Security - GRC

  FLSA: Exempt

  General Function :

  As an IT Security Auditor within Governance, Risk and Compliance for IT Security you will utilize your business and technical knowledge to ensure the company adheres to legislative, regulatory, industry requirements (e.g. PCI DSS, HIPAA, Privacy, Vendor Management), internal policies and procedures and industry best practices (e.g. CIS, NIST CSF) through the coordination of internal reviews. You will use your experience measuring and tracking cyber risk to evaluate control efficiency and coordinate key security related initiatives.
  

  Core Competencies:

  • Partnerships

  • Growth mindset

  • Results oriented

  • Customer focused

  • Professionalism

  Reporting Relations:

  Accountable and Reports to: Director, Governance Risk and Compliance

  Direct Reports: None

  Primary Duties and Responsibilities :

  • Coordinate and provide subject matter expertise for PCI Store audits
  • Collaborates with other teams to gather evidence to fulfill and complete audit objectives
  • Coordinate control testing to measure effectiveness of the security compliance activities and objectives
  • Accurately document the results of control testing and prepare work papers
  • Coordinate Consumer Data Privacy requests with customers and data management
  • Coordinate third party and vendor management procedures and questionnaires in accordance with compliance objectives

  Education and Experience:

  2+ years of experience in an IT field, preferably working with compliance and auditing-based tasks

  Experience with Jira and GRC tools preferred.

  Physical Requirements:

  Visual requirements include: ability to see detail at near range with or without correction.

  Must be physically able to perform sedentary work: operating a computer, occasionally lifting or carrying objects of no more than 10 pounds, and occasionally standing or walking.

  Must be able to perform the following physical activities: meeting with customers, kneeling, reaching, handling, grasping, feeling, talking, hearing, and repetitive motions.

  Knowledge, Skills, Abilities and Worker Characteristics:

  • Excellent written and verbal communication skills required.
  • Commitment to the Hy-Vee Mission and a willingness to promote the values of the company.
  • Strong interpersonal skills. An ability to relate to and interact with other people in a friendly, professional manner.
  • Ability to identify problems, develop and execute solutions.
  • Highly motivated and a self-starter
  • Strong ability to work individually and prioritize appropriately
  • Demonstrates an in-depth and current knowledge of relevant industry, auditing, operational and/or technology/infrastructure.

  Working Conditions :

  The duties for this position are performed in a general or remote office setting. There is weekly pressure to meet deadlines and handle multiple tasks in a day.

  Equipment Used to Perform Job:

  Laptop and desktop computer, telephone, copier, Fax, printer, PC with Microsoft Office programs and other software relevant to specific position.

  Confidentiality:

  Has access to confidential information.

  Are you ready to smile, apply today.

• About the company

  Hy-Vee is an employee-owned chain of supermarkets in the Midwestern and Southern United States, with more than 280 locations in Iowa, Illinois, Kansas, Minnesota, Missouri, Nebraska, South Dakota, Wisconsin, and soon Indiana, Kentucky, Tennessee, and A...

Notice