Director Business Security Advisory US

Company: Delhaize America
Location: Quincy
Posted on: November 22, 2022

Job Description:

Director Business Security Advisory US

Posting Date: 10/28/2022

Location: Quincy, MA

Apply NowAddress: USA-MA-Quincy-1385 Hancock Street

Store Code: IS Policy and Go (5116747)

Ahold Delhaize is one of the world's largest food retail groups and a leader in both supermarkets and e-Commerce. Its family of great, local brands serves more than 50 million customers each week in Europe, the United States and Indonesia. Together, these brands employ more than 420,000 associates in more than 7,000 grocery and specialty stores. Our Global Support Office (GSO) is based in Zaandam in the Netherlands, but GSO associates also work in all the countries we serve. This team supports all our great local brands in finance, HR, IT, legal, communications, sustainable retailing, and other key functions.

We are hiring! Come join our dynamic team of information security professionals dedicated to advancing technology and services in the retail industry.

Who are we? Ahold Delhaize is one of the world's largest food retail groups and a leader in both supermarkets and e-Commerce. Its family of great, local brands serves more than 50 million customers each week in Europe, the United States and Indonesia. Together, these brands employ more than 400,000 associates in more than 7,000 grocery and specialty stores. Our Global Support Office (GSO) is based in Zaandam, Netherlands, but GSO associates also work in all the countries we serve.

The Business Security Advisory is an exciting role and one of the leaders in supporting the organizations "shift left" and "secure by design." strategy. We value your information security knowledge, technical background, and people skills.

Position Summary:

You would have the opportunity to work within a group that values diversity and inclusion in a fun and dynamic environment. With an ever-changing threat landscape there is ample opportunity to learn and grow with little chance of becoming bored.

Does teaching others about complex security concepts in a manner that they understand, and can action upon, appeal to you? This role would partner with the business to ensure that business needs are met while also ensuring that a proper level of security is maintained for our data, systems, and third-party business partners.

Do you get a sense of fulfillment when you analyze problems and find solutions? You would be identifying and evaluating complex business and technology risks, determining the potential impact of these risks and required mitigation efforts, and providing guidance for solution and process development and implementation.

If interacting with others and building strong working relationships is important to you then this job could be what you are looking for. This position also serves as the information security subject matter expert and liaison between the business and the other Security teams and would require a commitment to stakeholder management.

Principle Duties and Responsibilities:

Lead a team of information security professionals who:

Formally assess information security risks related to business projects, determine the potential impact of those risks, and conduct follow-up, throughout the project lifecycle, on any necessary remediation efforts. Ensure that IT solutions and business processes comply with Company policy, Company controls and applicable legal and regulatory requirements while also ensuring that business objectives are met.

Conduct initial and ongoing formal assessments of information security risks related to vendors, determine the potential impact of those risks, and conduct follow-up on any necessary remediation efforts.

Develop a specialized knowledge of, and key relationships with brands, ensuring that security is imbedded in each brand and that their security needs are being met. Collaborate with other team members to identify opportunities for implementing common security solutions or leveraging existing solutions.

Develop strategies and drive efforts to facilitate business ownership of data, including creating/providing necessary tools for identification and tracking of data repositories, training materials, and professional presentations.

Actively expand consulting and assessment capabilities through training courses, mentoring, and daily interaction with internal customers

Drive continuous improvements in People, Process and Technology with the Business Services Advisory team and all of Information Security.

Contribute to the development of Information Security strategy by active, vocal participation in the global security leadership team

Requirements

Basic Qualifications:

* Bachelor's degree in Information Systems or related field or equivalent work experience.
* 5+ year's related-technology and/or related-business experience in vulnerability management.
* Strong understanding of Information Security industry standards/best practices such as NIST.
* Strong understanding of Information Security related laws and regulations including HIPAA and PCI.
* Excellent organization, communication, collaboration, and interpersonal skills.
* Ability to communicate and present complex issues and ideas with precision and clarity, adjusting appropriately for the audience; ability to communicate effectively at all levels of the organization.
* Experience working within a large, complex corporate environment providing consulting services on large initiatives.
* Knowledge of cloud computing technology (e.g. Azure, Google Cloud, AWS, etc.)
* Experience managing and prioritizing multiple tasks in an effective manner.
* Knowledge and understanding of network and security fundamentals, protocols, and technologies.
* Understanding of mitigating security controls (i.e., anti-virus, IPS/IDS, email filtering, web site blocking, patching) and how they work in an overall defense in depth risk assessment methodology.
* Understanding of Technology Platforms (Windows, Open Source, Middleware Applications, Database Applications, Cisco, Adobe, Microsoft security suite)
* Understanding of incident handling.
* Experience developing and providing effective and professional presentations to all levels (including Senior Management).
* Knowledge of security protocols and principles.
* Ability to work in a dynamic and diverse team-oriented environment.

Preferred Qualifications:

* Industry-recognized security, network, cloud (e.g. Azure, AWS, etc.), or other professional certifications sponsored by organizations such as SANS, ISC2, Microsoft, Cisco, and Offensive Security.
* Working knowledge MITRE ATT&CK Framework, CIS Controls, and OWASP.
* Experience managing projects and vendor management.
* Experience in conducting training and mentoring.
* Working knowledge of SDLC methodologies (i.e. Agile and Waterfall).
* Knowledge of engineering and/or architecture of technologies such as network firewalls, intrusion detection sensors, antimalware technologies, vulnerability scanning technologies, and APT prevention technologies.
* Experience developing and maintaining operational metrics.

The GSO sets global strategies frameworks, facilitates the sharing of best practice and encourages economies of scale. Great examples include sharing technology and digital know-how, so we can continue to lead in online and in-store retailing, setting global targets for healthy and sustainable products-including reducing food waste, use of plastics and making our products healthier to use and eat, and championing development for our future leaders-from learning about the digital mindset to leading our stores of the future.

Under the federal Transparency in Coverage rule, group health plans are required to make publicly available machine-readable files that include in-network rates and out-of-network allowed amounts and billed charges. Click the link to view the in-network rates and out-of-network allowed amounts and billed charges under the welfare benefits plan in which GSO participates

We are an equal opportunity employer. We comply with all applicable federal, state and local laws. Qualified applicants are considered without regard to sex, race, color, ancestry, national origin, citizenship status, religion, age, marital status (including civil unions), military service, veteran status, pregnancy (including childbirth and related medical conditions), genetic information, sexual orientation, gender identity, legally recognized disability, domestic violence victim status or any other characteristic protected by law.

Job Requisition: 271433_external_USA-MA-Quincy_9302022Apply Now

Collapse job description

Read full job description

Keywords: Delhaize America, Quincy , Director Business Security Advisory US, Executive , Quincy, Massachusetts