InfoSec Operations Manager
About Grocery Outlet
- Our Mission: Touching lives for the better
- Our Vision: Touching lives by being the first choice for bargain-minded consumers in the U.S.
- Our Values & Behaviors: Achievement, Diversity, Entrepreneurship, Family, Fun, Integrity & Service
About The Team
Our BT team’s mission is to push the boundaries of technology with the intention of going above and beyond to aid stores and customers and deliver timely solutions to benefit all members of Grocery Outlet. Our team consists of problem solvers and go-getters who are dedicated to being service-oriented and solving important problems.
About The Role
The InfoSec Operations Manager performs two core functions for the enterprise. The first is overseeing the operations of the enterprise’s security solutions through management of the organization’s security admins & 3rd party vendors & partners. The second is implementing & maintaining enterprise security standards through best practices, policy, architecture, and training processes. Secondary tasks will include participation & remediation of any vulnerability audits and assessments. The InfoSec Operations Manager is expected to interface with peers in the InfoSec, Cloud, Sys Admin and Network Admin as well as with the leaders of the business units to both reinforce the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
- Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Leverage security solutions & 3rd party vendors/partners or enhancements to existing security solutions to improve GO’s overall enterprise security as per the enterprise’s Information Security Program
- Assist with the design, implementation & testing of disaster recovery and business continuity plans, procedures, audits, and enhancements
- Oversee the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Perform regular audits and produce monthly reports on the above to demonstrate compliance
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems and in databases and other data repositories.
- Ensure the enforcement of enterprise security documents & SOP’s.
- Supervise all investigations into problematic activity and provide on-going communication with Sr. Director Operations
- Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
- Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
- Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
About The Pay
- Base Salary Range: $100,000 - $140,000 Annually
- Annual Bonus Program
- 401(k) Profit Sharing
- Medical, Dental, Vision & More!
- Final compensation will be determined based upon experience and skills and may vary based on location.
- Extensive experience in enterprise security, on premise, SaaS & Cloud Technologies
- Extensive experience in enterprise security document creation & run books
- Experience in designing and delivering employee security awareness training.
- Experience in developing Business Continuity Plans and Disaster Recovery Plans.
- Experience in managing of staff of junior & senior InfoSec administrators
- Experience with Patch Management, Vulnerability Management, Endpoint Management
- Working technical knowledge of standard & best practices InfoSec tools & software
- Strong understanding of IP, TCP/IP, and other network administration protocols.
- Familiarity with Windows Server, Linux Operating Systems
- Proven analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Good written, oral, and interpersonal communication skills.
- Ability to conduct research into IT security issues and products as required.
- Ability to present ideas in business-friendly and user-friendly language.
- Highly self-motivated and directed.
- Keen attention to detail.
- Team-oriented and skilled in working within a collaborative environment.
Bonus If You Have
- Working technical knowledge of Syxsense, Crowdstrike, Milton, Mimecast, CyberArk, SailPoint, Okta