Manager, Security Operations

Manager, Security Operations

At SpartanNash, we deliver the ingredients for a better life through customer-focused innovation. We do this for our supply chain customers and U.S. military commissaries, retail store guests and, most importantly, our Associates. In fact, we see a day when each will say, People First culture, Operational Excellence and Insights that Drive Solutions. Ready to contribute to the success of our food solutions company?

The Manager, Security Operations is responsible for maintaining and advancing the enterprise-wide information security operations program to ensure that data, information assets and critical infrastructure are adequately protected. This position supports strategic direction, policy and provides standard development and process mapping for Information Security, leveraging quality and risk as key components to the overall program.

Here's what you'll do :

• Development and implementation of a strong Information Security practice at SpartanNash
• Oversight of the confidentiality, integrity, and availability of the data residing on or transmitted to / from / through enterprise workstations, servers and other systems and in databases and other data repositories
• Day-to-day management of Information Security Operations
• Management of Security Operations activities and personnel
• Oversee security monitoring practice and analysis of security alerts
• Supervise all investigations and provide on-going communication with stakeholders and senior management
• Lead and support the design and execution of vulnerability assessments, penetration tests, and security audits
• Act as a point of escalation for the team and collaborate with enterprise teams in the event of an incident
• Handle and escalate security incidents as defined in the incident response procedures
• Facilitate and participate in eDiscovery and forensic investigations with outsourced vendors
• Prepare reports and necessary documentation for leadership to detail security evaluations and incidents
• Establish Information Security processes for the team
• Oversee the deployment, integration, and initial configuration of all new security solutions and any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents
• Ensure that projects are completed on time and within allocated budget
• Supervise, mentor, and train team members to ensure that job requirements are being properly meet and completed on time
• Delegate work assignments and coach team members to ensure systems are implemented according to specifications and standards
• Design and deploy information security awareness training for all coworkers to ensure consistently high levels of compliance with SpartanNash's Information Security Program
• Establish, document, and enforce SpartanNash's Information Security Policy
• Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new vulnerabilities, attacks and threat vectors
• Partner with IT leaders to instill Information Security industry best practices across IT including development, third-party software support, database administration, enterprise architecture. This position will work with the following tools and technologies : Rapid7, Microsoft O365 Security solutions, Microsoft Azure Cloud Security, Palo Alto Networks Firewalls, Security Orchestration and Automation Tools, Fireeye Helix, Zscaler, Infoblox, MS Project, Penetratin Testing using Kali Linux, F5, and Endpoint Security Technologies. Provide supervision to Analyst III, IT Security, Specialist Security Engineer and Security Engineer.
• Additional responsibilities may be assigned as needed.

Here's what you'll need :