US Foods

Compensation

Full Description

ARE YOU A CURRENT US FOODS EMPLOYEE? PLEASE APPLY DIRECTLY THROUGH OUR INTERNAL WORKDAY CAREER SITE Join Our Community of Food People! At US Foods®, innovation and technology is our superpower. By expanding our digital ecosystem and leading with a customer-first mindset, we’re delivering technology that empowers our customers and simplifies business. As we transform the digital landscape of the foodservice industry, we’re outpacing our competitors faster than ever before. We believe diversity is the cornerstone of creativity and innovation—and we foster an open, inclusive, flexible work environment that supports our transformation. This role leads enterprise-wide IT compliance efforts, ensuring alignment with standards like PCI DSS, SOX, HIPAA, CPRA, and CMMC. As a subject matter expert, the candidate will collaborate across IT, Legal, Security, and Audit to maintain regulatory adherence. Responsibilities include managing compliance program lifecycles, conducting assessments, resolving issues, and reporting to senior leadership. This role will also require strategic thinking, independence, and the ability to navigate cross-functional priorities in a dynamic environment. Flexible Work Policy: The work for the Lead IT Compliance Analyst position is completely remote anywhere in the United States except Hawaii or United States Territories. RESPONSIBILITIES Lead and manage the organization’s annual PCI DSS compliance program, including evidence collection, gap remediation, and annual assessment submission. Serve as the primary point of contact for SOX ITGC audits, working closely with Internal Audit and External Audit teams to ensure timely and accurate responses. Support compliance with HIPAA, CPRA, and CMMC by maintaining documentation, tracking regulatory changes, and coordinating with legal and privacy teams. Respond to data privacy and compliance-related inquiries, including customer assessments and regulatory requests. Understand and articulate regulation impacts to IT value streams and help develop efficient/ effective solutions to ensure compliance. Collaborate with IT, Security, and Business stakeholders to ensure compliance controls are embedded in technology processes and projects. Track and report on compliance metrics, issues, and remediation efforts to leadership. Support third-party risk assessments and vendor compliance reviews. Promote a culture of compliance and accountability across the organization. Stay abreast of proposed and new regulatory compliance requirements and changes by engaging in the industry and with internal experts and understanding US Foods products and processes Conduct assessments of technology systems and processes to identify areas of risk and develop remediation plans Participate in internal and external audits and assist with the resolution of any audit findings Provide training and guidance to technology teams on compliance requirements and best practices RELATIONSHIPS Internal: Information and Cyber Security Team, Digital Commerce, Internal and external audit, Security Engineering, Security Architecture, Cloud/DevSecOps, Data, IT PMO and Product Teams External: Regulatory and compliance organizations and auditors, External Legal Counsel, Technology vendors, including software and service providers; relevant managed security services, and professional services vendors WORK ENVIRONMENT Remote: This role is fully remote, and the associate is expected to perform assigned responsibilities from a home-based environment. MINIMUM QUALIFICATIONS At least 5 - 6 years of information security experience in one or more roles in GRC, Compliance, Risk, Third Party Risk Management, or IT Audit. Broad foundational knowledge in many information and cyber security domains with priority given to regulatory compliance. Demonstratable experience in building positive working relationships with leaders and associates across multiple areas of the business. Must have the ability to work independently and make decisions that reflect the policies of the Information and Cyber Security Team. Experience with compliance requirements (PCI, CPRA, HIPAA, SOX, etc.). Familiarity with security frameworks such as NIST-CSF, ISO 27001, and CIS Ability to effectively communicate business risk and information security concepts to audiences of varying technical acumen through multiple communication channels. Experience measuring and tracking cybersecurity risks, issues, and exceptions Ability to advise, collaborate, and work in a team environment enabling others to trust and grow their skills and competencies Ability to influence without authority to drive desired outcomes. Experience executing security compliance plans, vulnerability management programs, risk management lifecycle, and/or security assessment/governance processes Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively Proactive self-development, staying current on evolving threat landscape, security trends/best practices, and dynamic regulatory requirements Experience developing, measuring and tracking key performance metrics, preferably in a cybersecurity program Strong written and verbal skills enabling effective communication with different levels of leadership. Highly organized, efficient, and close attention to detail. Education Bachelor’s degree from an accredited college/university, Master’s degree preferred CERTIFICATIONS/TRAINING Preferred but not required: SANS GSEC, GCIA (or related), CISSP, ISACA certifications (e.g., CISA, CISM, CRISC) This role will also receive annual incentive plan bonus. Benefits for this role may include health insurance, pre-tax spending accounts, retirement benefits, paid time off, short-term and long-term disability, employee stock purchase plan, and life insurance. To review available benefits, please click here: https://www.usfoods.com/careers/benefits.html Compensation depends on relevant experience and/or education, specific skills, function, geographic location, and other factors as applicable by law (for example: state minimum wage thresholds). The expected base rate for this role is between $95,000 - $155,000 ***EOE – Race/Color/Religion/Sex/Sexual Orientation/Gender Identity/National Origin/Age/Genetic Information/Protected Veteran/Disability Status*** Puede ver este sitio de empleo y aplicación en español utilizando la configuración de su navegador o teléfono móvil. Haga clic a continuación para obtener más información. Microsoft Edge Google Chrome Safari iPhone Androide US Foods is one of America’s great food companies and a leading foodservice distributor, partnering with approximately 300,000 restaurants and foodservice operators to help their businesses succeed. With 28,000 employees and more than 70 locations, US Foods provides its customers with a broad and innovative food offering and a comprehensive suite of e-commerce, technology and business solutions. US Foods is headquartered in Rosemont, Ill., and generates more than $28 billion in annual revenue. Visit www.usfoods.com to learn more. US Foods may collect personal information from you in connection with the application process. US Foods complies with the California Privacy Rights Act of 2020, and its policy may be found here. US Foods, Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other basis prohibited by applicable law. EEO is the Law poster is available here. EEO is the Law poster supplement is available here. Pay Transparency policy statement is available here. US Foods is committed to working with and providing reasonable accommodation to individuals with disabilities. If reasonable accommodation is needed to participate in the interview process or to perform essential job functions, please contact our US Foods Application Accommodation Line at 866-960-5886. You will be prompted to leave a message. Please state the specifics of the assistance needed and your contact information. A member of our HR department will return your call within two business days.