Enterprise InfoSec Architect
Emeryville, CA, United States
About Grocery Outlet:
Our Mission: Touching lives for the better
Our Vision: Touching lives by being the first choice for bargain-minded consumers in the U.S.
Our Values & Behaviors: Achievement, Diversity, Entrepreneurship, Family, Fun, Integrity & Service
About the Team:
Our IT team’s mission is to push the boundaries of technology with the intention of going above and beyond to aid stores and customers and deliver timely solutions to benefit all members of Grocery Outlet. Our team consists of problem solvers and go-getters who are dedicated to being service-oriented and solving important problems.
About the Role:
We are seeking a highly skilled and experienced Enterprise InfoSec Architect with expertise in SAP, Application, API, SAP GRC, and cloud computing within the retail grocery industry. As an Enterprise InfoSec Architect, you will play a critical role in developing and implementing comprehensive security strategies, frameworks, and controls to protect our enterprise systems, applications, APIs, SAP GRC, and cloud-based environments. Your role will be instrumental in ensuring the confidentiality, integrity, and availability of our sensitive data and systems while addressing the unique security challenges.
Responsibilities Include:
Collaborate with cross-functional teams to integrate security requirements into the design and implementation of enterprise solutions
Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
Develop and maintain a comprehensive security architecture framework, ensuring alignment with business objectives, industry-specific regulations, and best practices
Provide technical leadership in the assessment, design, and implementation of SAP GRC security and IT risk solutions
Establish and maintain a robust SAP security governance framework specific to the retail grocery industry in California, comprising policies, standards, and procedures.
Define and enforce authorization concepts, role-based access controls, and user administration practices for SAP systems, applications, and APIs
Conduct regular security assessments and audits, addressing industry-specific risks and ensuring compliance with relevant regulations
Implement and manage SAP GRC (Governance, Risk, and Compliance) solutions to monitor and manage access controls, segregation of duties, and risk management within the SAP environment.
Develop standards and practices for data encryption and tokenization in the organization based on the organization's data classification criteria
Develop and maintain an incident response plan, ensuring swift detection, containment, eradication, and recovery from security incidents
Conduct post-incident analysis, identify lessons learned, and provide recommendations to improve security controls and incident response capabilities
Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs, and anti-malware/endpoint protection systems
Ensure a complete, accurate, and valid inventory of all systems, infrastructure, and applications that should be logged by the security information and event management (SIEM) or log management tool
Coordinate with the privacy officer to document data flows of sensitive information in the organization and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization)
Support the testing and validation of internal security controls, as directed by the Head of InfoSecurity or the internal audit team
Review security technologies, tools and services, and make recommendations to the broader security team for their use based on security, financial and operational metrics
About The Pay:
Base Salary Range: $130,000 - $150,000 Annually
Annual Bonus Program
Equity
401(k) Profit Sharing
Medical, Dental, Vision & More!
Final compensation will be determined based upon experience and skills and may vary based on location.
About You:
Bachelor's degree in Computer Science, Information Technology, or higher with 10+ years of experience.
6+ years of experience in IT solution development disciplines, including technical or information security architecture, network management, application development, database management, or cloud development.
Extensive experience as an Enterprise InfoSec Architect, with a focus on SAP, application and API security, SAP GRC, and cloud computing
In-depth knowledge of SAP security concepts, including authorization models, role-based access controls, user administration, and SAP GRC within the context of retail grocery operations
Strong understanding of application and API security principles, technologies, and best practices
Familiarity with relevant regulations and standards specific to the retail grocery industry (e.g., CCPA).
Experience designing the deployment of applications and infrastructure into public cloud services.
Full-stack knowledge of IT infrastructure: Applications, Databases, Operating systems — Windows, Unix, and Linux, Hypervisors, IP networks — WAN and LAN, Storage networks — Fibre Channel, iSCSI and NAS, Backup networks and media, Containers/Kubernetes
Strong working knowledge of IT service management (e.g., ITIL-related disciplines): Change management, Configuration management, Asset management, and Incident management.
Excellent written and verbal communication skills
Must demonstrate exceptional teamwork skills and a strong ability to support and uplift their fellow team members, fostering a positive and cooperative working dynamic.
Strong understanding of retail grocery processes and best practices.
Project management experience, with the ability to lead and deliver multiple projects concurrently.
Ability to work with developers, security engineers and analysts in an in-and-out outsourced environment.