Manager III- Network Security

Introduction

Ahold Delhaize USA, a division of global food retailer Ahold Delhaize, is part of the U.S. family of brands, which also includes five leading omnichannel grocery brands – Food Lion, Giant Food, The GIANT Company, Hannaford and Stop & Shop. Ahold Delhaize USA associates support the brands with a wide range of services, including Finance, Legal, Sustainability, Commercial, Digital and E-commerce, Technology and more.

The Sr Manager - Network Security will oversee the architecture, design, provisioning, implementation, configuration and management of a variety of network and security hardware and software tools, firewalls, routers, switches, network monitoring tools, and virtual private networks are among them (VPNs) leveraging Zero Trust architecture principles and methodologies. This role will provide expertise and leadership of network security architecture, solution engineering and operations and will work closely with the network platform/product owners to provide end to end support and delivery of all network security platforms and technologies.

The network security leader will take physical and software precautions to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure. This role will partner closely with the Group Security Office (GSO) to define innovative and cost-effective network security solutions to protect ADUSA's entire network and application landscape and help achieve compliance objectives. The network security leader plays a critical role in network transformation journey to help pivot to a Zero Trust and SASE based borderless network for secure and reliable application delivery for fully hybrid workforce.

Our flexible/hybrid work schedule includes 3 in-person days at one of our core locations and 2 remote days. Our core office locations are Salisbury, NC;
Quincy, MA.

Applicants must be currently authorized to work in the United States on a full-time basis.

• Define and execute strategy for next-generation network infrastructure security strategy based on next generation SASE
• network security design principles
• Design and deliver firewall assurance solution that can provide enterprise grade firewall audit and rule management
• Leverage automation to simplify and optimize security policies and enhance firewall rule performance
• Delivery direct/indirect management and oversight for team of network security platform engineers that are specialized in Zero trust and SASE based architectures
• Build, design and deploy solutions for micro-segmentation within data centers and cloud to achieve defense in depth strategy
• Plan, engineer, and monitor the security arrangements for the protection of the network systems.
• Identify, diagnose, and fix security concerns by testing for network vulnerabilities and collaborating with IT counterparts to review, test, and troubleshoot technology.
• Lead and support initiatives related to meeting PCI DSS compliance objectives.
• Configure and implement intrusion detection systems and firewalls.
• Prepare detailed reports on assessment-based findings, conclusions, and recommendations for improving security.
• Produce documentation to ensure that correct server and security infrastructure protocols and practices are in place.
• Create, deploy, and enforce network security policies.
• Manage vendor relationships related to security upgrades, installations and planning.
• Stay abreast of Identifying current technology and methods that will improve the system's overall security.

• Bachelor's Degree in Computer Science, Cybersecurity, or related Field; or equivalent work experience
• Proven work experience as a network/information security engineer and developing and maintaining security systems
• Experience with supervising a team of network security engineers
• Advanced understanding of current information security trends, principles, and protocols
• Ability to test for, track, and resolve threats including malfunctions and attacks
• IT networking and programming skills
• Comprehensive knowledge of computer forensic tools, data loss prevention methods, and disaster recovery methods
• Complete understanding of the web-related terminologies and software such as web applications, web related protocols, service-oriented architectures, and web services
• Ability to communicate and report network security incidents and issues to the upper management
• Ability to administer firewalls, routers, virtual private networks (VPNs), and other security tools
• Ability to maintain server, LAN, and WAN architecture
• Key
  
  Skills:
  
  Analytical, Critical Thinking, Attention to Detail, Resourcefulness, Strong Verbal and Written Communication

• Bachelor's degree with 10+ years of direct experience working in large scale networks
• Network engineer certifications such as CCNP Security (Cisco Certified Network Professional Security), CEH (Certified Ethical Hacker), CISSP (Certified Information Systems Security…