Job Summary
Performs day-to-day monitoring and documentation of the security governance, risk management, and compliance functions. Communicates security measures while collaborating with diverse teams to assess risks, develop and renew policies, and document incidents. Stays abreast of emerging security trends and technologies and communicates the evolution of the organization’s security framework to effectively mitigate risks and maintain compliance with regulatory standards.

Key Responsibilities

Responsible for security incident and breach documentation. Maintains accurate documentation of security incidents, remediation efforts, and response activities following established protocols and procedures.
Facilitates and reviews deliverables of annual penetration tests and risk assessments of systems.
Collaborates with business units to ensure security controls are adequate, appropriate, and effective across the organization. Creates detailed documentation for controls, including step-by-step process of how control is verified, action items, artifacts, and ownership if relevant (i.e., CIS18).
Communicates and documents IT security best practices, regulatory requirements, and industry standards to promote awareness. Assists in the development of security awareness training for team members.
Responds and participates as a scribe to security incidents and breaches in a timely manner, following established incident response protocols and procedures.
Responds to critical and high-priority security alerts with the creation of tickets and tracking tasks through completion.
Provides support and assistance for internal and external security audits, including conducting audits of security controls and assisting with other audits (e.g., BRC, HACCP, etc.). Collaborates with regulatory officers and auditors, as necessary.
Audits user roles in external systems (e.g., E2Open, MTech’s VFD app, etc.). Enters and maintains exceptions in relevant system (i.e., One Trust) as required.
Gathers risk and compliance information, designs and creates reports, communicates risk mitigation tasks, and documents compliance with regulatory requirements. Provides regular updates to appropriate parties, which may include our parent company.
Reviews and/or creates IT Security playbooks for review.
Supports initiatives aimed at reducing technology risks and improving governance, compliance, and security.
Documents and assesses new vendors and obtains necessary security assessments (i.e., SOC2, NDAs). Ensures ongoing regulatory compliance through annual reviews of vendor reports (e.g., SOC2, letters of attestation, etc.).
Assists the department in responding to inquiries from business units about ongoing security operational compliance.
Reviews health assessments from third party tools, creates tickets, and tracks them to completion, ensuring thorough documentation of findings.
Stays current on emerging cybersecurity threats and trends to assist with measures to mitigate risks for the organization. Stays up to date on the latest cybersecurity regulations and compliance obligations.

Minimum Qualifications (Education & Experience)

Associate’s degree in related field or equivalent (e.g., IT, Computer Science, Cybersecurity, etc.)
3+ years of relevant experience or the knowledge, skills, and abilities to succeed in the role.
1+ relevant security-related designation(s), such as Security+, Certified Information Systems Auditor (CISA), CySA+, Cybersecurity Analyst+, Certified in Cybersecurity ISC2 cert (CC), etc.

Knowledge, Skills, and Abilities

Butterball Core Competencies
Caring about people, valuing contributions, and empowering to succeed is the Butterball Way. We recognize the value that different perspectives and cultures bring to Butterball and seek to create an environment where everyone can thrive. Everyone has a seat at the table and is expected to embody our core competencies:
Essential Knowledge, Skills, and Abilities

Knowledge of Cybersecurity and Infrastructure Security Agency (CISA), information risk concepts, risk assessments, Center for Internet Security (CIS) controls, and National Institute of Standards & Technology (NIST) frameworks
Knowledge of the International Society of Automation (ISA)/IEC 62443 and current best practices
Knowledge of data classification and methods to maintain in an environment
Knowledge and understanding of information security controls attestation reports (e.g., SOC2, ISO27001, PII, PHI, PCI, etc.)
Solid communication, interpersonal, and collaboration skills with the ability to communicate technical concepts to both technical and non-technical audiences
Proficient with Microsoft (MS) Suite (Word, Excel, PowerPoint, Teams, Outlook, etc.) and M365/Azure security and compliance
Skilled at guiding multiple priorities or concurrent projects with the flexibility to adapt to change to ensure all deadlines for deliverables are met
Firm problem-solving, critical-thinking, and time-management skills with ability to assess data quality and identify opportunities for improvement
Adept at collaborating with cross-functional teams
Ability to obtain One Trust certification within the first year

Preferred Knowledge, Skills, and Abilities

Experience in manufacturing or food manufacturing
Experience administering electronic governance, risk, and compliance tools (e.g., One Trust)
Governance, Risk, and Compliance related certifications such as CRISC and CGRC

Physical Demands

While performing the duties of this job, the employee may be regularly required to stand, sit, talk, hear, reach, stoop, kneel, and use hands and fingers to operate a computer, telephone, keyboard, and occasionally lift up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, color vision and the ability to adjust focus.

Working Conditions

Work is performed in a climate-controlled office environment.
The noise level of the environment is usually moderate.
Occasional travel may be required.

The statements herein are intended to describe the general nature and level of work being performed by employees and are not to be construed as an exhaustive list of what is required of personnel so classified. Furthermore, they do not imply or establish a contract for employment and are subject to change at the discretion of the employer.

Butterball, LLC is an equal opportunity employer and is committed to the fair and impartial treatment of all employees and applicants for employment without regard to gender, age, race, religion, color, national origin, physical or mental disability, military/veteran status, sexual orientation, gender identity and expression, genetic information, marital status, parental status, pregnancy, or any other status protected by law. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this job.

This position is deemed Safety Sensitive for purposes of Butterball’s Drug/Alcohol Screening & Testing Policy. Details will be provided to individuals who receive a conditional job offer, or upon request.