Address: USA-IL-Chicago-300 South Riverside Plaza
Store Code: Technology Innovation (5105118)

What’s Our Dish

Announced in May 2018, Peapod Digital Labs (PDL) is an Ahold Delhaize USA company that powers the eCommerce and digital strategies for the Great Local Brands of Ahold Delhaize USA. Accelerating growth in digital and personalization capabilities, PDL is an innovation lab focused on meeting the changing needs of customers, regardless of when, where, and how consumers choose to shop.

Browse the Aisles

SecOps function at Peapod Digital Labs which is responsible for building/maintaining Security controls within DevOps processes, building and enhancing security review of infrastructure and applications, and supporting vulnerability management processes. We’re looking for a Director, SecOps Engineering to lead and manage a growing team and to take PDL’s security operations teams to the next level. The mission of Security Operations is to proactively detect, respond to, simulate, and identify breach attempts and threat actors and support our global cyber defense team.

This role will review and asses the security of applications, containers, infrastructure as code repositories working together with development and infrastructure teams create solutions that are scalable for an enterprise environment. The SecOps leader will understand automation and how it is best applied to obtain a continuous delivery goal. The SecOps leader will be working on longer-term engagements with DevOps, Site Reliability Engineers, Digital Operations and Application teams for developing automated workflows to provide SecOps as a Service within DevOps pipeline.

You will build and own solutions to quickly identify breach attempts, contain and eradicate threats, streamline our security incident response processes with the business, continuously test our controls, and help the business make informed decisions based on threat intelligence. You will establish metrics that demonstrate continuous improvements of the Security Operations capabilities and execute on your proposed strategy for improvements. We use a combination of managed and self-hosted approaches. This is a unique opportunity to be part of the engineering organization in areas of standardized automated infrastructure and service provisioning and orchestration, service-oriented architectural excellence, and forward thinking planning and execution of large technical projects with security as central focus.

Recipe for Success - What's “in store” for the role

• Manage and grow teams of talented analysts and engineers, ensuring they deliver high quality, timely work and that they’re happy, motivated, and growing
• Implement and maintain security for all our customer and employee facing technology stack, to utilize fully automated, self-service, highly scalable, cost-efficient, observable, auditable and reliable infrastructure, continuous delivery, environments and analytics services as a daily standard practice
• Develop capabilities and team to help secure Web Application Firewall, Bots protection, API, Data, Containers, VMs and Network.
• Drive the execution of security and secure coding practices across the engineering teams, collaborating with SREs and engineers across development teams while also performing hands-on work on the most critical challenges
• Improve the company’s ability to identify, detect, and response to threats by leading new technology selection, configuration, internal product development, obtaining-buy-in, and implementations with a heavy emphasis on automation
• Establish a set of measurable metrics that reflect the baseline of all security operations functions and drive for improvements
• Detailed process management to ensure audit trails of activities are reviewed and follow policy and audit requirements
• Build continuous security testing capabilities that feeds into PDL’s vulnerability management program
• Build a world-class threat intelligence capability that allows PDL to focus on the most relevant threats and those of our customers as well
• Scale the organization to accommodate for hyper growth
• Contribute to shaping the future of the security organization
• Partner with PDL’s product management team by becoming an advocate of our security related issues and champion areas of improvement
• Represent PDL in the digital forensic and incident response, penetration testing/read teaming, and threat intelligence efforts run by global cyber defense team.
• Support Azure private cloud initiatives around Automation, Governance, Logging, and Security
• Build capabilities around secure engineering design review to teams planning and implementing large migrations, service-oriented architecture, broad architectural shifts, and capacity growth
• Utilize alerting, logging, and monitoring to identify areas of opportunity to promote secure coding and practices for day to day objectives
• Support vulnerability management of Linux and Windows environments leveraging automation
• Collaborate with the other governance, risk, and security teams to develop and update Security Operations standards, procedures, and guidelines.
• Propose and drive large security improvements to production systems to achieve significant improvements for our business and engineering teams
• Mentor and coach engineers to be curious and effective at discovering and solving security challenges.

The Essentials In Your Cart - The required ingredients

• 15+ year’s experience in application or infrastructure architecture or engineering
• You have technical experience with various cloud providers, containerization technologies, automated deployment frameworks, orchestration frameworks, monitoring, logging, alerting, system internals, networking, databases, distributed systems, and service-oriented architecture
• You have the skills to implement load, stress, performance and reliability testing standards at scale to improve service, platform and infrastructure resiliency
• Experience in risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy
• CI/CD experience with Jenkins or Terraform
• You communicate effectively with stakeholders ranging from executives to junior engineers across the breadth and depth of the engineering organization
• You exemplify high accountability, integrity, and resilience to maintain focus on both big-picture goals and milestones to get there
• You enable the engineering organization to innovate and deliver with greater speed and safety, securely

Extra Spices - What you should bring to the table

• Proven track record of building scalable organizations that have build and improved security operations capabilities
• Clear experience building effective partnerships with internal customers to improve on short-term and long-term security operations in the service of the business
• Focus on building a diverse and inclusive organization that is geographically separated
• Motivation and ability to grow talent by providing a proper mentorship and performance management environment while prioritizing empathy
• Able to take risks and move out of comfort zone by allowing teams to design new techniques and approaches that drive meaningful change
• Prior experience building security operations functions for a product or cloud-native company
• Participated in large scale breach detection/response programs
• Ability to pragmatically guide external stakeholders, leadership, and team through crisis
• You want to work in a fast-paced, high-growth startup environment

#LI-Hybrid #LI-CW1

Join Us at Our Table

Peapod Digital Labs is a forward-thinking company with a strong legacy of innovation. We recognize who powers our progress – our people! We offer a great variety of benefits and perks to our employees, including: great health care options, including PPO and HSA plans (with company contributions), dental, vision, flexible spending accounts, a 401k with strong company match and immediate vesting, and generous and flexible paid time off.

We are an equal opportunity employer. We comply with all applicable federal, state and local laws. Qualified applicants are considered without regard to sex, race, color, ancestry, national origin, citizenship status, religion, age, marital status (including civil unions), military service, veteran status, pregnancy (including childbirth and related medical conditions), genetic information, sexual orientation, gender identity, legally recognized disability, domestic violence victim status or any other characteristic protected by law.

Job Requisition: 227111_external_USA-IL-Chicago