IT Analyst-Governance, Risk and Compliance-Eden Prairie, MN at United Natural Foods Inc

Posted in Software 8 days ago.

Type: Full-Time
Location: Eden Prairie, Minnesota

Job Description:

Who We Are

We're pioneers who every day deliver new choices that shape the foodscape. We discover what's next. Bold ideas and new possibilities that drive the industry. Better food. Better future. Our teams are a highly innovative group of talented professionals; laser-focused on making a difference and having fun while we do it.


At UNFI, we're inspired by the unexpected. We look at things like our unmatched distribution network and full-store assortment through a new lens. From gourmet and ethnic to fresh, prepared foods to specialty cheese - we cover everything in the store and your kitchen. Energizing tomorrow, guiding a healthier road ahead.


We believe that:

  • Freedom of food choice matters

  • Discovering what’s next keeps us vital

  • We’re not afraid to get our hands dirty

  • We’re here to connect food, people and the planet

  • New routes can take us anywhere

  • Scale drives our ability to positively impact lives

  • There is no limit to fresh ideas

  • Sustainability is our responsibility

A Bit About You…

  • You thrive in a fast-paced, dynamic environment

  • You wake up in the morning with a passion to inspire others to be great

  • You possess the ability to lead leaders to develop strong teams and deliver on your strategies

  • You are a natural at connecting with others and building strong relationship networks

  • You have a proven ability to leverage consumer insights to develop brand positioning

  • You understand the importance of collaboration and partnership to enable business outcomes

  • You strive to build and deliver the “big picture” strategy

  • You possess a positive mindset and often spotlight opportunities that others may overlook

Job Overview:

The IT Analyst - GRC is responsible for working across the organization with all levels of individuals on several important Security areas.  This includes working with internal and external auditors to implement and execute on a comprehensive Security Governance and Compliance programs, update IT and Security Policies, and work with monitoring programs in alignment with policies.  This role is responsible for coordinating and reporting on IT portions of internal and external audits, review findings and work with the impacted areas to develop, track, and complete remediation plans.  In addition will work to monitor policy alignment internally and with our External Third Parties. 

The Analyst roles will work with the GRC management to execute and maintain a robust IT compliance program that proactively manages policy alignment, audits & assessments and risks to the enterprise.  These roles will also contribute to the Identity and Access Governance program, security policy and standard development, and cyber security awareness program.

Job Responsibilities and Accountabilities: 

  • Participate in regular access reviews on critical systems to help ensure access is appropriate.

  • Monitor for overall compliance with regulatory requirements, including but not limited to PCI, SOX, HIPAA, etc.

  • Conducts assessments to identify gaps and make sound recommendations for improvement. Identify acceptable levels of residual risk, and assist with action plans, policy and procedural changes for risk mitigation.

  • Conduct and monitor the enterprise security awareness program; ensure compliance across the organization.

  • Determine threats, identify risks and vulnerabilities to the organization, maintains and updates control framework.

  • Assists with the build out of an enterprise GRC technology platform; development and documentation of application functionality.

  • Assist with the development of the Identity and Access Governance function and drive the execution and implementation of the program. 

  • Participate in Third Party assessments.

  • Prepares documentation and reports requiring minimal revision by management.

  • Meets with various management groups to facilitate efficient and effective compliance projects and services.

  • With minimal supervision, holds discussions with management regarding control weaknesses and prepare reports to management communicating final results including recommendations to improve technology and business practices.

  • Identifies opportunities and provides solutions for improvement, such as automation, to compliance processes.

  • Monitors progress and status of multiple concurrent assigned compliance projects to ensure completion within budgeted time-frames, reporting any timing issues to management in a timely manner.

  • Collaborates with, internal and external auditors.

Job Requirements:

  • Training and awareness in security governance, risk, and compliance, or related field preferred.  Bachelor's degree in Computer Information Systems, Information Technology, Accounting, and Finance or related field is preferred.

  • Requires excellent analytical and communications skills to learn customer business objectives, evaluate risks and plan, supervise and control compliance and other activities.

  • Proficient in MS Office tools (Excel, Word, etc.)

  • Must have excellent verbal, written and presentation skills, a high degree of personal integrity and ability to work under limited supervision.  Supervisory skills, ability to work well with others in a team environment and ability to produce results through others is required. 

  • Must be capable of working under minimum supervision, planning and conducting compliance assignments and directing the activities of staff as required.

  • Knowledge in the following areas: operating systems, applications, operations (batch processing, monitoring) networking and telecommunications, databases, and logical security

  • Ability to learn the In-Depth knowledge of internal control concepts, principles, risk analysis, Sarbanes-Oxley Compliance, PCI Compliance, HIPAA, Privacy, process improvement and techniques, including COSO and COBIT frameworks.

All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, national origin, disability, or protected veteran status. UNFI is an Equal Opportunity employer committed to creating an inclusive and respectful environment for all. - M/F/Veteran/Disability. VEVRAA Federal Contractor.