Director, Application Security Operations
Address: USA-NC-Salisbury-2110 Executive Drive
Store Code: Technology Innovation (5105118)
What's Our Dish
Announced in May 2018, Peapod Digital Labs (PDL) is an Ahold Delhaize USA company that powers the eCommerce and digital strategies for the Great Local Brands of Ahold Delhaize USA. Accelerating growth in digital and personalization capabilities, PDL is an innovation lab focused on meeting the changing needs of customers, regardless of when, where, and how consumers choose to shop.
Browse the Aisles
The SecOps function at Peapod Digital Labs is responsible for building and maintaining security controls within DevOps processes, building and enhancing security review of infrastructure and applications, and supporting vulnerability management processes. We're looking for a Director, Security Operations to lead and run a growing team and to take PDL's security operations teams to the next level. Is your mission to proactively detect, respond to, simulate, and identify breach attempts and threat actors and support our global cyber defense team?
This role will review and assess the security of applications, containers, and infrastructure-as-code repositories, working together with development and infrastructure teams to create solutions that are scalable for an enterprise environment. The Security Director will understand automation and how it is best applied to obtain a continuous delivery goal. The SecOps leader will be working on longer-term engagements with DevOps, Site Reliability Engineers, Digital Operations and Application teams to develop automated workflows that provide SecOps as a Service within the DevOps pipeline.
You will build and own solutions to quickly identify breach attempts, contain and eradicate threats, streamline our security incident response processes with the business, continuously test our controls, and help the business make informed decisions based on threat intelligence. You will establish metrics that demonstrate continuous improvements for the team and capitalize on your proposed strategy for improvements. We use a combination of managed and self-hosted approaches. This is a unique opportunity to chip in to the areas of standardized automated infrastructure and service provisioning and orchestration, and forward-thinking planning and execution of large technical projects with security as the central focus.
Recipe for Success - What's "in store" for the role
- Lead and strengthen teams of dedicated analysts and engineers, ensuring they deliver high quality, timely work and that they're happy, motivated, and growing
- Implement and maintain security for our entire customer- and employee-facing technology stack, to use fully automated, self-service, highly scalable, cost-efficient, observable, auditable and reliable infrastructure, continuous delivery, environments and analytics services as a daily standard practice
- Develop the capabilities and team to help secure Web Application Firewall, bot protection, API, Data, Containers, VMs and Network.
- Drive the execution of security and secure coding practices across the engineering teams, collaborating with SREs and engineers across development teams while also performing hands-on work on the most critical challenges
- Improve the company's ability to identify, detect, and respond to threats by leading new technology selection, configuration, internal product development, obtaining buy-in, and implementations with a heavy emphasis on automation
- Establish a set of measurable metrics that reflect the baseline of all SecOps functions and commit to improvements
- Detailed process management to ensure audit trails of activities are reviewed and follow policy and audit requirements
- Build continuous security testing capabilities that feed into PDL's vulnerability management program
- Build a world-class threat intelligence capability that allows PDL to focus on the most relevant threats and those of our customers as well
- Scale the organization to accommodate hyper growth
- Be vital to shaping the future of the security organization
- Partner with PDL's product management team by becoming an advocate of our security related issues and champion areas of improvement
- Represent PDL in the digital forensic and incident response, penetration testing/red teaming, and threat intelligence efforts
- Support Azure private cloud initiatives around Automation, Governance, Logging, and Security
- Build capabilities around secure engineering design review for teams planning and implementing large migrations, SOA, broad architectural shifts, and capacity growth
- Use alerting, logging, and monitoring to identify areas of opportunity to promote secure coding and practices for day to day objectives
- Support vulnerability management of Linux and Windows environments using automation
- Collaborate with the other governance, risk, and security teams to develop and update various security processes and procedures
- Propose and drive large security improvements to production systems to achieve significant improvements for our business and engineering teams
- Mentor and coach engineers to be curious and effective at discovering and solving security challenges.
The Essentials In Your Cart - The required ingredients
- 15+ years' experience in application or infrastructure architecture or engineering
- You have technical experience with various cloud providers, containerization technologies, automated deployment frameworks, orchestration frameworks, monitoring, logging, alerting, system internals, networking, databases, distributed systems, and SOA
- You have the skills to implement load, stress, performance and reliability testing standards at scale to improve service, platform and infrastructure resiliency
- Experience in risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy
- CI/CD experience with Jenkins, Terraform, or Azure DevOps
Extra Spices - What you should provide
- Demonstrable experience building scalable organizations that have improved security operations capabilities
- Clear experience building effective partnerships with internal customers to improve on short-term and long-term security operations in the service of the business
- Focus on building a diverse and inclusive organization that is geographically separated
- Motivation and ability to grow talent by providing a proper mentorship and performance management environment while prioritizing emotional intelligence
- Able to do things differently and move out of comfort zone by allowing teams to design new techniques and approaches that drive substantial change
- Prior experience building security operations functions for a product or cloud-native company
- Participated in large scale breach detection/response programs
- Ability to pragmatically guide external collaborators, leadership, and team through crisis
- You want to work in a fast-paced, high-growth startup environment
- You communicate efficiently with collaborators ranging from executives to junior engineers
- You exemplify high accountability, integrity, and resilience to maintain focus on both big-picture goals and achievements to get there
- You enable the engineering organization to innovate and deliver with greater speed and safety, securely
#LI-Hybrid
Join Us at Our Table
Peapod Digital Labs is a forward-thinking company with a strong legacy of innovation. We recognize who powers our progress - our people! Our vision is to become an organization where humanity is universally embraced; Diversity, Equity, Inclusion and Belonging are infused in our business; and our PDL employees are representative of the world and the communities that we serve.
We believe in total wellness, which encompasses a balance of physical, financial, and emotional wellness. No matter where you are on your personal wellness journey, PDL provides access to a variety of tools and resources to support total wellness. This includes medical, dental, and vision benefits, health savings accounts, flexible spending accounts, 401(k) with a strong company match, paid parental leave, adoption assistance, tuition reimbursement, generous and flexible paid time off and holiday policy, and an array of voluntary benefits including critical care, pet insurance, and additional life coverage.
We are an equal opportunity employer. We comply with all applicable federal, state and local laws. Qualified applicants are considered without regard to sex, race, color, ancestry, national origin, citizenship status, religion, age, marital status (including civil unions), military service, veteran status, pregnancy (including childbirth and related medical conditions), genetic information, sexual orientation, gender identity, legally recognized disability, domestic violence victim status or any other characteristic protected by law.
Job Requisition: 311849_external_USA-NC-Salisbury_522023