Essential Duties and Responsibilities:
Strategy - Contribute to the development and review of the system's capability to meet security requirements
- Present analysis and recommended controls to address gaps or deficiencies
- Translate regulatory, compliance, and legal requirements into system designs and processes
- Identify and apply security controls to the technology solutions to achieve security compliance
- Develop security designs for systems and networks to effectively address security requirements driven by multiple classification levels of data
- Identify leading solutions and new security architecture patterns to achieve optimal security posture and meet business needs
- Establish policies around incident response, vulnerability management, risk assessment, etc
Execution- Apply the trust level for all users and administrators of the system and all systems to ensure security posture and privileges
- Setup alerting to detect malicious activities in any of the assets
- Analysis of results of SAST, VAPT, and security tool findings and provide recommendations
- Assess security incidents and provides management with guidance to ensure effective response
- Achieve ISO, SOC2, GDPR, Cert-In, and external VAPT compliance
Tools- Optimally use security tools available to achieve the security and compliance posture required
- Drive security intelligence efforts to explain patterns and trends to improve the ability to prevent and circumvent potential attacks
- Ensure all security tools related to EDR, Antivirus, and Compliance are properly in place & working
- Ensure regular review of the security objectives and work towards rectifying shortcomings
- Evaluate and initiate efforts to detect patterns to predict, identify, and define potential risk
Leadership- Knowledge of cyber-security frameworks, risk management frameworks, and related standards and guidance to defend proposed security architecture patterns from a risk management perspective.
- Answer security questionnaires sent by customers and evaluate the security posture of vendors
- Establish runbooks to mitigate the impact of malicious activities. Find the root cause and execute the next steps to ensure such activities do not repeat
- Participate in prioritization exercises and provide technical solutions
- Be a security evangelist in the company through training and guidance about security items
|
Education and/or Work Experience Requirements: - At least 6 years of experience in SecOps
- Has led a team before
- Proven ability to achieve compliance with ISO or SOC2 or any such security standards
- Knowledge of CCPA / GDPR
- Certifications related to security processes and operations
- Experience with EDR, Antivirus, and remote mitigation of threats
- Experience with setting up and governance of security processes
- Used Crowdstrike, QRoC, Qualys, Sysmon tools, AWS Security Hub, AWS Guard Duty
- Proven experience in the mitigation of a security incident
Delivery Solutions is a Retail eCommerce OXM Platform that provides retailers with out-of-the-box solutions to power Same-Day Delivery, Curbside, In-Store Pickup, Shipping, and post-purchase experiences. We are trusted with some of the biggest names in multiple verticals of retail like Sephora, AT&T, Footlocker, Michael's, Office Depot, GameStop, Total Wine, Sally Beauty, Abercrombie & Fitch Co. Belk, Loblaw, Vineyard Vines etc.
Our SAAS-based solution is highly flexible and interacts seamlessly with E-commerce properties, OMS, WMS, and POS systems for a highly scalable experience and a delighted customer base.
Delivery Solutions is a wholly-owned subsidiary of UPS | We are a certified Great Places To Work Company
|
