D&T Analyst II - Cyber Security, Data Protection & Privacy

We make foodthe world loves: 100 brands. In 100 countries. Across six continents.

How we make our food is as important as the food we make. Our values are baked into our legacy and continue to accelerate

us into the future as an innovative force for good. General Mills was founded in 1866 when Cadwallader Washburn boldly bought the largest flour mill west of the Mississippi. That pioneering spirit lives on today through our leadership team who upholds a vision of relentless innovation while being a force for good. For more details check out

General Mills India Center (GIC) is our global capability center in Mumbai that works as an extension of our global organization delivering business value, service excellence and growth, while standing for good for our planet and people.

With our team of 1800+ professionals, we deliver superior value across the areas of Supply chain (SC) , Digital & Technology (D&T) Innovation, Technology & Quality (ITQ), Consumer and Market Intelligence (CMI), Sales Strategy & Intelligence (SSI) , Global Shared Services (GSS) , Finance Shared Services (FSS) and Human Resources Shared Services (HRSS).For more details check out

We advocate for advancing equity and inclusion to create more equitable workplaces and a better tomorrow.

JOB REVIEW

Function Overview

The team places a strong emphasis on service partnerships and employee engagement with a commitment to advancing equity and supporting communities. In fostering an inclusive culture, the team values individuals passionate about learning and growing with technology, exemplified by the Work with Heart philosophy, emphasizing results over facetime. Those intrigued by the prospect of contributing to the digital transformation journey of a Fortune 500 company are encouraged to explore more details about the function through the following

Purpose of the role

This role is responsible for supporting the execution of how General Mills appropriately protects personal data from cyber-attack, including how this data is internally secured, and will ensure associated privacy are being implemented accordingly. This will be accomplished by partnering across D&T, Law, Data Governance, and key business partners to identify risks to personal data and working across those teams to provide and implement mitigation recommendations, in accordance with General Mills overall Data Protection and Privacy Management strategy.

KEY ACCOUNTABILITIES

45% - Data Protection Execution:

. Regularly meet with relevant stakeholders to provide tactical direction in the development and execution of data management plans.

. Communicate plans to protect personal data to peers across Data Governance, Digital Core, Solution Development, Data Management Plan owners, DD&A, and Cyber Security

. Conduct regular assessments of compliance for GMI digital capabilities to assess privacy risk and propose mitigating efforts.

. Support the creation of personal data inventory to appropriately record data flows within GMI systems, cloud environment, and third-party vendors.

. Support technical support for privacy related technologies.

45% - Privacy Management:

. Apply an established universal level of privacy governance across all personal data types, and ensure this governance is both reasonable and actionable.

. Stay up-to-date on emerging personal information - oriented privacy laws, as well as changes to existing privacy laws, and be prepared to provide an impact assessment of those changes to relevant stakeholders

. Partner with the Data Privacy team on the implementation of privacy directives across our technology landscape, as it pertains to personal information.

10% - Partnership & Benchmarking:

. Maintain existing and develop new contacts within the candidate's professional network of cyber security/Privacy peers and leading security consultants/vendors.

. Continuously develops knowledge of evolving best practices and trends through peer benchmarking, industry events/associations, and educational opportunities.

. Share knowledge and trends within the Cyber Security team to improve General Mills cyber security awareness.

MINIMUM QUALIFICATIONS

• Education - Full time graduation from an accredited university (Mandatory- Note: This is the minimum education criteria which cannot be altered)
• Minimum 5 years of related experience required.

Special Job Experience or Skills needed:

• Knowledge of privacy laws and the relationship they have with cyber security
• Technical Expertise supporting Privacy related technologies (OneTrust)
• Successful track record of positively influencing stakeholders.
• Strong communication and presentation skills.
• Experience establishing strong working relationships with business partners.
• A working knowledge of cyber security, cyber security technology, risk assessment, privacy compliance and management.
• Successful track record of positively influencing stakeholders.
• Strong communication and presentation skills.
• Experience establishing strong working relationships with business partners.
• A working knowledge of cyber security, cyber security technology, risk assessment, privacy compliance, and management.
• Demonstrated ability to work across organizational boundaries, and influence others.
• Ability to work on an agile product team define and manage internal projects and milestones and demonstrate leadership skills.
• Strong interpersonal, verbal, presentation, and written communication skills.
• Ability to effectively present to a wide range of audiences.
• Comfortable shifting priorities and simultaneously engaging in and managing multiple projects.
• Ability to make decisions and solve problems especially where there is ambiguity.
• Ability to influence through relationship building and executive presence.
• Ability to work both independently and collaboratively in a team environment.
• Discretion, integrity, and independent sound judgment in both designing and implementing processes.
• Strong analytic skills with a penchant for metrics.

• Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP) by the International Association of Privacy Professionals (IAPP), and/or public sector equivalent.