Match score not available

Senior Software Engineer - SecOps at Delivery Solutions

Remote: 
Full Remote
Contract: 
Experience: 
Mid-level (2-5 years)
Work from: 

Offer summary

Qualifications:

4+ years of experience in SecOps, Proven compliance with ISO or SOC2, Knowledge of CCPA / GDPR, Security-related certifications.

Key responsabilities:

  • Lead design and implementation of security frameworks
  • Develop security designs to achieve compliance
Delivery Solutions logo
Delivery Solutions Scaleup https://www.deliverysolutions.co/
51 - 200 Employees
See all jobs

Job description

Delivery Solutions is a Retail eCommerce OXM Platform that provides retailers with out-of-the-box solutions to power Same-Day Delivery, Curbside, In-Store Pickup, Shipping, and post-purchase experiences. We are trusted with some of the biggest names in multiple verticals of retail like Sephora, AT&T, Footlocker, Michael's, Office Depot, GameStop, Total Wine, Sally Beauty, Abercrombie & Fitch Co. Belk, Loblaw, Vineyard Vines etc.

Our SAAS-based solution is highly flexible and interacts seamlessly with E-commerce properties, OMS, WMS, and POS systems for a highly scalable experience and a delighted customer base.

Delivery Solutions is a wholly-owned subsidiary of UPS | We are a certified Great Places To Work Company

Job Summary: Looking for an Senior Software Engineer - Security and Privacy to lead the design and implementation of security and privacy frameworks, ensuring data protection and compliance across systems. This role involves guiding a team in securing sensitive information and mitigating risks.

Essential Duties and Responsibilities:

Strategy

  • Contribute to the development and review of the system's capability to meet security requirements
  • Present analysis and recommended controls to address gaps or deficiencies
  • Translate regulatory, compliance, and legal requirements into system designs and processes
  • Identify and apply security controls to the technology solutions to achieve security compliance
  • Develop security designs for systems and networks to effectively address security requirements driven by multiple classification levels of data
  • Identify leading solutions and new security architecture patterns to achieve optimal security posture and meet business needs
  • Establish policies around incident response, vulnerability management, risk assessment, etc
Execution
  • Apply the trust level for all users and administrators of the system and all systems to ensure security posture and privileges
  • Setup alerting to detect malicious activities in any of the assets
  • Analysis of results of SAST, VAPT, and security tool findings and provide recommendations
  • Assess security incidents and provides management with guidance to ensure effective response
  • Achieve ISO, SOC2, GDPR, Cert-In, and external VAPT compliance
Tools
  • Optimally use security tools available to achieve the security and compliance posture required
  • Drive security intelligence efforts to explain patterns and trends to improve the ability to prevent and circumvent potential attacks
  • Ensure all security tools related to EDR, Antivirus, and Compliance are properly in place & working
  • Ensure regular review of the security objectives and work towards rectifying shortcomings
  • Evaluate and initiate efforts to detect patterns to predict, identify, and define potential risk
Leadership
  • Knowledge of cyber-security frameworks, risk management frameworks, and related standards and guidance to defend proposed security architecture patterns from a risk management perspective.
  • Answer security questionnaires sent by customers and evaluate the security posture of vendors
  • Establish runbooks to mitigate the impact of malicious activities. Find the root cause and execute the next steps to ensure such activities do not repeat
  • Participate in prioritization exercises and provide technical solutions
  • Be a security evangelist in the company through training and guidance about security items

Education and/or Work Experience Requirements:

  • At least 4+ years of experience in SecOps
  • Proven ability to achieve compliance with ISO or SOC2 or any such security standards
  • Knowledge of CCPA / GDPR
  • Certifications related to security processes and operations
  • Experience with EDR, Antivirus, and remote mitigation of threats
  • Experience with setting up and governance of security processes
  • Used Crowdstrike, QRoC, Qualys, Sysmon tools, AWS Security Hub, AWS Guard Duty
  • Proven experience in the mitigation of a security incident

Required profile

Experience

Level of experience: Mid-level (2-5 years)
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Team Leadership
  • Communication
  • Problem Solving

Software Engineer Related jobs