Manager Infrastructure Security Patching

Introduction

Ahold Delhaize USA, a division of global food retailer Ahold Delhaize, is part of the U.S. family of brands, which also includes five leading omnichannel grocery brands – Food Lion, Giant Food, The GIANT Company, Hannaford and Stop & Shop. Ahold Delhaize USA associates support the brands with a wide range of services, including Finance, Legal, Sustainability, Commercial, Digital and E-commerce, Technology and more.

The ADUSA Security Manager oversees the Security Patching team, with the primary goal of protecting the Ahold Delhaize USA environment (Retail, Distribution Centers, Data Centers, Corporate locations) from security cyber risks. Establishes and executes the Vulnerability Remediation Governance Program, which provides the strategy for patching security vulnerabilities. Partners with ISO in the identification/validation of security vulnerabilities, coordinates testing with QA, schedules patching in established maintenance windows, directs vendor partners to execute patches, validates results, provides reporting.

In addition to remediating backlog/new vulnerabilities, resolves Zero Day vulnerabilities within designated time frames.

Our flexible/hybrid work schedule includes 3 in-person days at one of our core locations and 2 remote days. Our core office locations are Salisbury, NC;
Chicago, IL;
Quincy, MA.

Applicants must be currently authorized to work in the United States on a full-time basis.

• Establish and execute Security Patching program (strategy, processes, procedures).
• Identify benefits and risks.
• Socialize Security Patching program/strategy to IT/Business leadership.
• Establish Security Patching Team.
• Clarify team roles and responsibilities.
• Manage Security Patching team.
• Conduct weekly meetings with team.
• Ensure that the functions are performed in accordance with established policies and procedures.
• Partner with ISO, GSO, IT, Business in security vulnerabilities and remediation.
• Provide regular reporting to leadership.
• Support PCI Audits.
• Identify, resolve, and escalation issues as needed.
• Ensure operational stability of a 24/7/365 grocery retail environment by providing technical support, system monitoring, and issue resolution which may be required during off-hours, weekends, and holidays as needed.

• 10+ years in IT security patching and/or release management.
• People Leadership experience.
• Multi-Vendor Partner Management Experience.
• Strong Leadership and Organizational skills.
• Ability to lead and energize others.
• Relationship skills to build partnerships and foster collaboration.
• Problem resolution skills.
• Ability to multi-task and determine priorities.
• Strong time management skills.
• Communications skills with ability to engage Executive Leadership.
• Develop presentations/briefings and deliver to executive leadership.

• IT experience in Retail environment.
• Technical Undergraduate degree.
• Knowledge of information systems and security controls, of attack types and methodologies.
• Working knowledge with perimeter scanning technologies and vulnerability management tools (i.e., Rapid7).
• Service Now tool experience preferred or demonstrated work experience with other like industry tool suites.
• Prior experience with vulnerability remediation governance in an enterprise environment.
• Excellent technical, diagnostic, and troubleshooting skills.
• Strategic Focus.
• Analytical Thinking.
• Strong skills with MS Word, MS Excel, MS PowerPoint, MS Visio, MS Project, and SharePoint.

ME/NC/PA/SC Salary Range: $108,880 - $163,320
IL/MA/MD/NY Salary Range: $125,200 - $187,800
Actual compensation offered to a candidate may vary based on their unique qualifications and experience, internal equity, and market conditions. Final compensation decisions will be made in accordance with company policies and applicable laws.