Associate Technical Lead - SecOps

Delivery Solutions is a Retail eCommerce OXM Platform that provides retailers with out-of-the-box solutions to power Same-Day Delivery, Curbside, In-Store Pickup, Shipping, and post-purchase experiences. We are trusted with some of the biggest names in multiple verticals of retail like Sephora, AT&T, Footlocker, Michael's, Office Depot, GameStop, Total Wine, Sally Beauty, Abercrombie & Fitch Co. Belk, Loblaw, Vineyard Vines etc.

Our SAAS-based solution is highly flexible and interacts seamlessly with E-commerce properties, OMS, WMS, and POS systems for a highly scalable experience and a delighted customer base.

Delivery Solutions is a wholly-owned subsidiary of UPS | We are a certified Great Places To Work Company

Job Summary: Looking for an Associate Technical Lead - Security and Privacy to lead the design and implementation of security and privacy frameworks, ensuring data protection and compliance across systems. This role involves guiding a team in securing sensitive information and mitigating risks.

Essential Duties and Responsibilities:
Strategy

• Contribute to the development and review of the system's capability to meet security requirements
• Present analysis and recommended controls to address gaps or deficiencies
• Translate regulatory, compliance, and legal requirements into system designs and processes
• Identify and apply security controls to the technology solutions to achieve security compliance
• Develop security designs for systems and networks to effectively address security requirements driven by multiple classification levels of data
• Identify leading solutions and new security architecture patterns to achieve optimal security posture and meet business needs
• Establish policies around incident response, vulnerability management, risk assessment, etc

Execution

• Apply the trust level for all users and administrators of the system and all systems to ensure security posture and privileges
• Setup alerting to detect malicious activities in any of the assets
• Analysis of results of SAST, VAPT, and security tool findings and provide recommendations
• Assess security incidents and provides management with guidance to ensure effective response
• Achieve ISO, SOC2, GDPR, Cert-In, and external VAPT compliance

Tools

• Optimally use security tools available to achieve the security and compliance posture required
• Drive security intelligence efforts to explain patterns and trends to improve the ability to prevent and circumvent potential attacks
• Ensure all security tools related to EDR, Antivirus, and Compliance are properly in place & working
• Ensure regular review of the security objectives and work towards rectifying shortcomings
• Evaluate and initiate efforts to detect patterns to predict, identify, and define potential risk

Leadership

• Knowledge of cyber-security frameworks, risk management frameworks, and related standards and guidance to defend proposed security architecture patterns from a risk management perspective.
• Answer security questionnaires sent by customers and evaluate the security posture of vendors
• Establish runbooks to mitigate the impact of malicious activities. Find the root cause and execute the next steps to ensure such activities do not repeat
• Participate in prioritization exercises and provide technical solutions
• Be a security evangelist in the company through training and guidance about security items

Education and/or Work Experience Requirements: 

• At least 6 years of experience in SecOps
• Has led a team before
• Proven ability to achieve compliance with ISO or SOC2 or any such security standards
• Knowledge of CCPA / GDPR
• Certifications related to security processes and operations
• Experience with EDR, Antivirus, and remote mitigation of threats
• Experience with setting up and governance of security processes
• Used Crowdstrike, QRoC, Qualys, Sysmon tools, AWS Security Hub, AWS Guard Duty
• Proven experience in the mitigation of a security incident