(USA) Distinguished, Risk Expert jobs in United States

Walmart Canada · 4 days ago

(USA) Distinguished, Risk Expert

Walmart Inc. is a leading retail corporation committed to safeguarding its digital environment. The Distinguished, Risk Expert will enhance the delivery of secure technology by bridging organizations and strategic partners, while managing cybersecurity risks and ensuring compliance with security standards.

Delivery · Retail · Shopping

Responsibilities

Key leader for all things information security within a core technology team
Establish and embed security into engineering using automation and scalable security practices throughout the software development lifecycle
Partner and collaborate across other operations leaders in educating and initiating actions to mature the security posture for the teams
Determine where opportunities exist for the technology teams, then define and roadmap the maturity journey to raise the security posture expectation
Understand key business goals to reframe risk discussions and resulting decisions in business terms
Inform senior business leaders and partners and product teams on the long-term risk implications of product options using both data and expert experience to guide decision making
Predict demand increases both in existing operations and for new, yet-to-be-offered services from Information Security
Maintain awareness and help InfoSec teams keep priorities for all work in your supported area aligned to business needs
Translate business needs into product requirements for feeding backlogs of horizontal offerings by Information Security
Serve as a primary arbiter for risk management between business needs and security risk, aligned with quantitative risk measurement standards
Function as the primary escalation point for incidents involving your supported area and Information Security, including attending war rooms when notified and following up on problems involving Information Security services
Participate in industry councils or working groups to influence security best practices within the retail industry
Constructively engage teams, including business teams, to resolve cybersecurity issues
Establish risk ownership and accountability
Monitor open security risk issues to ensure strategic planning identifies and avoids such risks in the future
Manages the execution of security initiatives by prioritizing critical issues for root-cause analysis; ensuring resolution of critical issues; monitoring progress versus plan; escalating complex or difficult issues; conducting business and technical design sessions; utilizing scope-change orders to track changes to the project; tracking expenditures and budgets; providing informational presentations; managing stakeholder expectations; holding self and project team accountable for project delivery; and developing performance reports
Monitors, analyzes, and remediates information technology (IT) security risks and vulnerabilities by adhering to defined operating procedures; reviewing metrics to identify outliers, inefficiencies, and non-standard actions associated with operational processes and reporting the findings; identifying improvement opportunities and providing feedback to senior team members and management; and participating in meetings for any initiatives or tasks that will alter current processes
Maintains vendor relations by preparing and executing requests for proposals (RFPs); facilitating the vendor selection process; reviewing statements of work; ensuring compliance with vendor contracts; and reporting on vendor contract execution
Oversees multiple compliance efforts by monitoring the implementation of specific information security controls; ensuring expertise with regulatory concepts (for example, International Organization for Standardization (ISO), Sarbanes-Oxley Act (SOX), Payment Card Industry Data Security Standard (PCI), Health Insurance Portability and Accountability Act (HIPAA)); managing multiple compliance assessments and remediation processes; identifying security compliance assessment and remediation process improvement; defining and/or implementing solutions to assess compliance and reduce risk; coordinating and communicating enterprise compliance assessments and remediation processes; presenting results and analysis of assessment and remediation activity relevant to missing strategic goals to senior and executive management; and defining governance reports, practices, goals, and strategic efforts to enforce mandated compliance practices
Manages the implementation of security governance by leading governance strategy; ensuring familiarity with Walmart information security policies, standards, procedures, and best practices; modeling various governance concepts (for example, Information Technology Infrastructure Library (ITIL), Control Objectives for Information and Related Technologies (COBIT), Six Sigma, Cybersecurity Capability Maturity Model (CMM)); developing recommended remediation for gaps in security governance and policies through collaboration and consensus building; enforcing all information technology policies and procedures; comparing and contrasting Walmart practices and industry standards; reviewing governance standards for overlap and inconsistencies with operational, security, and management practices; reporting to executive management identified governance issues leading to the identification of missing governance related strategic goals; tracking pending legislation to analyze potential impact to business operations; and defining governance reports and practices for senior management in order to enforce governance practices and meet established corporate goals and strategic efforts
Analyzes and identifies risk by understanding factors that influence impact and likelihood of identified risk; building working knowledge and relationship between risk and governance; building expertise in risk analysis in multiple layers of security specialty (for example, physical, governance, technical); developing risk mitigation strategies for identified vulnerabilities; representing risk in multiple areas or domains; defining risks based on criticality, frequency, or level of impacts; developing risk, assessment, and reporting frameworks
Provides overall direction by analyzing business objectives and customer needs; developing, communicating, building support for, and implementing business strategies, plans, and practices; analyzing costs and forecasts and incorporating them into business plans; determining and supporting resource requirements; evaluating operational processes; measuring outcomes to ensure desired results; identifying and capitalizing on improvement opportunities; promoting a customer environment; and demonstrating adaptability and sponsoring continuous learning
Develops and implements strategies to attract and maintain a highly skilled and engaged workforce by diagnosing capability gaps; recruiting, selecting, and developing talent; supporting mentorship, workforce development, and succession planning; and leveraging the capabilities of new and existing talent
Cultivates an environment where associates respect and adhere to company standards of integrity and ethics by integrating these values into all programs and practices; developing consequences for violations or non-compliance; and supporting the Open Door Policy
Develops and leverages internal and external partnerships and networks to maximize the achievement of business goals by sponsoring and leading key community outreach and involvement initiatives; engaging key stakeholders in the development, execution, and evaluation of appropriate business plans and initiatives; and supporting associate efforts in these areas

Qualification

Cybersecurity risk management · Information security governance · Risk analysis · Mitigation · Compliance standards knowledge · Security certifications · Cloud security practices · Stakeholder management · Continuous improvement · Team collaboration · Project management

Required

Option 1: Bachelor's degree in computer science, information technology, engineering, information systems, cybersecurity, or related area and 6 years' experience in cybersecurity risk or related area at a technology, retail, or data-driven company
Option 2: 8 years' experience in cybersecurity risk or related area at a technology, retail, or data-driven company

Preferred

Certification in Security+, GISF, GSEC, CISA, CISSP, CCSP, or CISM
Master's degree in Computer Science, Information Technology, Engineering, Information Systems, Cybersecurity, or related area and 4 years' experience leading information security or cybersecurity projects
Background in creating inclusive digital experiences
Demonstrating knowledge in implementing Web Content Accessibility Guidelines (WCAG) 2.2 AA standards
Knowledge of accessibility best practices

Benefits

Health benefits include medical, vision and dental coverage.
Financial benefits include 401(k), stock purchase and company-paid life insurance.
Paid time off benefits include PTO (including sick leave), parental leave, family care leave, bereavement, jury duty, and voting.
Other benefits include short-term and long-term disability, company discounts, Military Leave Pay, adoption and surrogacy expense reimbursement, and more.
Live Better U is a Walmart-paid education benefit program for full-time and part-time associates in Walmart and Sam's Club facilities.

Company

Walmart Canada

Walmart Canada is a subsidiary of Walmart that operates a chain of more than 400 stores nationwide. It is a sub-organization of Walmart.