Hi,
Hope you are doing well.
Please find the job description below and let me know your interest.
Position: Enterprise InfoSec Architect
Location: Emeryville, CA
Duration: Full Time
Mode of Interview: Phone and Video
About the Role:
We are seeking a highly skilled and experienced Enterprise InfoSec Architect with expertise in SAP, Application, API, SAP GRC, and cloud computing with the retail grocery industry. As an Enterprise InfoSec Architect, you will play a critical role in developing and implementing comprehensive security strategies, frameworks, and controls to protect our enterprise systems, applications, APIs, SAP GRC, and cloud-based environments. Your role will be instrumental in ensuring the confidentiality, integrity, and availability of our sensitive data and systems while addressing the unique security challenges.
Responsibilities Include:
• Collaborate with cross-functional teams to integrate security requirements into the design and implementation of enterprise solutions
• Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are aligned with business, technology, and threat drivers
• Develop and maintain a comprehensive security architecture framework, ensuring alignment with business objectives, industry-specific regulations, and best practices
• Provide technical leadership in the assessment, design, and implementation of SAP GRC security and IT risk solutions
• Collaborate with cross-functional teams to integrate security requirements into the design and implementation of enterprise solutions
• Establish and maintain a robust SAP security governance framework specific to the retail grocery industry in California, comprising policies, standards, and procedures.
• Define and enforce authorization concepts, role-based access controls, and user administration practices for SAP systems, applications, and APIs
• Conduct regular security assessments and audits, addressing industry-specific risks and ensuring compliance with relevant regulations
• Implement and manage SAP GRC (Governance, Risk, and Compliance) solutions to monitor and manage access controls, segregation of duties, and risk management within the SAP environment.
• Develop standards and practices for data encryption and tokenization in the organization based on the organization's data classification criteria
• Develop and maintain an incident response plan, ensuring swift detection, containment, eradication, and recovery from security incidents
• Conduct post-incident analysis, identify lessons learned, and provide recommendations to improve security controls and incident response capabilities
• Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
• Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs, and anti-malware/endpoint protection systems
• Ensure a complete, accurate, and valid inventory of all systems, infrastructure, and applications that should be logged by the security information and event management (SIEM) or log management tool
• Coordinate with the privacy officer to document data flows of sensitive information in the organization and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization)
• Support the testing and validation of internal security controls, as directed by the Head of InfoSecurity or the internal audit team
• Reviews security technologies, tools, and services, and makes recommendations to the broader security team for their use based on security, financial and operational metrics
About You:
• Bachelor's degree in Computer Science, Information Technology, or higher with 10+ years of experience.
• 6+ years of experience in IT solution development disciplines, including technical or information security architecture, network management, application development, database management, or cloud development.
• Extensive experience as an Enterprise InfoSec Architect, with a focus on SAP, application and API security, SAP GRC, and cloud computing
• In-depth knowledge of SAP security concepts, including authorization models, role-based access controls, user administration, and SAP GRC within the context of retail grocery operations
• Strong understanding of application and API security principles, technologies, and best practices
• Familiarity with relevant regulations and standards specific to the retail grocery (e.g., CCPA, etc).
• Experience designing the deployment of applications and infrastructure into public cloud services.
• Full-stack knowledge of IT infrastructure: Applications, Databases, Operating systems — Windows, Unix, and Linux, Hypervisors, IP networks — WAN and LAN, Storage networks — Fibre Channel, iSCSI and NAS, Backup networks and media, Containers/Kubernetes
• Strong working knowledge of IT service management (e.g., ITIL-related disciplines): Change management, Configuration management, Asset management, and Incident management.
• Excellent written and verbal communication skills
• Must demonstrate exceptional teamwork skills and a strong ability to support and uplift their fellow team members, fostering a positive and cooperative working dynamic.
• Strong understanding of retail grocery processes and best practices.
• Project management experience, with the ability to lead and deliver multiple projects concurrently.
• Ability to work with developers, security engineers, and analysts in an in-and-out outsourced environment.
Equal Opportunity Employer/Veterans/Disabled
--
Thanks & Regards
Mohit Kumar
mk@kpgtech.com
Contact: 6096638133
KPG99,INC
3240 E STATE ST EXT
Hamilton, NJ 08619
Minority Certified
www.kpg99.com