Sign In
 [New User? Sign Up]
Mobile Version

IT Security Assurance Manager

Home Depot


Location:
Marietta, GA
Date:
12/11/2017
2017-12-112018-01-09
Job Code:
112625
Apply on the Company Site
  •  
  • Save Ad
  • Email Friend
  • Print
  • Research Salary

Job Details

SYSTEMS ENGINEER MANAGER - Marietta GA 30062 Skip Navigation
Job Details

IT Security Assurance Manager (112625)

GA - Marietta

  • Date Posted: Dec 4, 2017
  • Company: The Home Depot
  • Travel: None
  • Functional Area: Information Technology
  • Position Type: Full-Time
  • Relocation Provided: Yes




Position Description:
POSITION PURPOSE

The Home Depot in Marietta, GA is seeking an IT Security Assurance Manager.  The purpose of the Security Assurance organization is to evaluate and assert the effectiveness of security technologies deployed at The Home Depot. The candidate must have a comprehensive understanding of Security operations to assume the leadership role required to plan, execute, report, and evolve structured Security assurance activities. The successful candidate will bring to table a contrarian perspective of security strategies, controls and defenses and help operationalize and maintain Security capabilities that provides continuous protection against present and future threats. This person will assess and routinely adopt the tools and techniques of actual adversaries, leverage the understanding of attacks on other organizations and mimic the work of adversaries to implement an operational lifecycle that focuses on the philosophy of continuous improvement - attack, measure, learn and repeat.

As a member of the Security Architecture and Engineering Organization, the Security Assurance Manager oversees a team that will plan, lead and conduct security assessment on internally or externally hosted applications and infrastructure targeted by adversaries. The manager's team hunts for weaknesses and vulnerabilities that could lead to a breach of confidentiality, integrity or availability. The Security Assurance Manager collaborates with managers, technology and security leaders, and his/her peers in the Architecture and Security Engineering team.

The Security assurance leader shall develop and implement techniques that probe and identify vulnerabilities that allow circumvention of IT Security controls, to successfully demonstrate a compromise and/or how acts of deliberate disruption can cause adverse unspecified loss of productivity, or bring about appreciable negative impact. The Security assurance is a specialized process-driven function to help realize continuous security assurance improvements through awareness and exposure of critical weaknesses in end-to-end business operations.

The purpose of the Security assurance is to routinely and randomly test Home Depot and its affiliates defenses, the readiness of IT security, technology and business personnel at-large to appropriately respond to scenarios that can cause a complete or partial disruption of business services, and systems that enable correct authorization of credentialed operations, transactions and information exchanges. 

The Systems Engineer Manager is responsible for attracting, retaining and developing top talent focused on market needs and inspiring Systems Engineering teams to provide quality service to drive a highly stable infrastructure in support of The Home Depot's business. The Systems Engineer Manager focuses on guiding and executing the implementation, maintenance, and support of hardware, software and systems necessary to enable sales, drive efficiency, and build customer satisfaction. Within their Systems Engineering teams, Systems Engineer Managers, work closely with business stakeholders and the stores. They support system planning reviews and communicate and present across all levels of the organization.

MAJOR TASKS, RESPONSIBILITES AND KEY ACCOUNTABILITIES
30% - Strategy & Planning:
Looks across teams with a focus on alignment and dependencies
Gains a thorough understanding of infrastructure needs and guides teams to design infrastructure platforms that meet end user requirements
Translates product and project goals into infrastructure strategy and clearly communicates direction and priorities to teams and business partners
Determines value to the business of anticipated Systems Engineering efforts
Identifies goals, metrics, and appropriate analytics to measure the performance of Systems Engineering teams; continually makes recommendations and refinements on approaches based on learnings
Reviews recommended solutions and work of Systems Engineers to ensure alignment with company, stakeholder, and end user priorities
20% - Delivery & Execution:
Leads configuration, debugging, and support for infrastructure
Leads field and corporate roll-outs of technology
Leads the stand up of necessary system software, hardware, and equipment (physical or virtual) to meet changing infrastructure needs
Creates and optimizes specifications for complex technology solutions
Provides regular status to leadership regarding progress of Systems Engineering efforts
Manages vendor relationships
Manages, reviews, and approves purchase requests for hardware and software
20% - Support & Enablement:
Removes roadblocks and obstacles that may impair Systems Engineers to help ensure efforts meet strategic, financial, and technical goals
Receives and prioritizes escalations and incoming requests from product teams and stakeholders
Guides the production of in-house documentation around solutions
Monitors tools and proactively helps teams struggling with systems issues
30% - People:
Provides leadership, mentoring, and coaching to Systems Engineering professionals
Attracts, retains, and develops top talent
Conducts annual and mid-year reviews, reviewing individual development plans and providing performance feedback
Fosters collaboration with team members to drive value, and identify and resolve impediments
Advocates for the end user and stakeholder by becoming associated with the product, empathizing with and understanding user needs
Guides more junior team members in strategy, alignment, analysis, and execution tasks
Participates in and contributes to learning activities around systems engineering core practices (communities of practice)

NATURE AND SCOPE

Typically reports to the Systems Engineer Sr. Manager, Technology Director or Sr. Director.

ENVIRONMENTAL JOB REQUIREMENTS

Environment:
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
Travel:
Typically requires overnight travel 5% to 20% of the time.
Additional Environmental Job Requirements:


ESSENTIAL SKILLS:
Additional Qualifications:
Preferred Qualifications:

  • Excellent oral/written communications to effectively communicate activities and findings in a business assurance and risk context
  • Prior hands on experience with penetration testing, vulnerability assessment and/or red team testing of infrastructure, web applications and mobile applications
  • Experience managing/leading and coordinating a team of penetration testers or security testing professionals.
  • In-depth understanding of native operating systems and web application frameworks
  • Experience with exploit development, fuzzing and zero-day development will be an added advantage
  • Expertise with one or more security testing tools and frameworks like Metasploit, OllyDgb, IDA PRO, Cobalt Strike, Cycript, SSL-Kill-Switch, Kali, Nessus, Burp Suite etc.
  • In-depth understanding of OWASP Top 10 and other web application vulnerabilities; with experience in testing and remediation
  • Good understanding of Active Directory and Domain Trust; with prior experience in running penetration testing across federated domains and networks
  • Ability to explain and present vulnerabilities and weaknesses to non-technical audience and recommend appropriate remediation measures to mitigate identified risks
  • Experience with developing monitoring capabilities to detect specific exploit scenarios will be an added advantage; familiarity with tools like SIEM, Osquery, HIPS, IDS etc.
  • Demonstrate broad knowledge of MS Windows, Unix-based, Linux and mid-range platform systems used to deliver commercial enterprise applications.
  • Excellent working knowledge of industry standards and guidance such as SEI/CMU, SAFECODE; NIST MITRE
  • Common Weakness Risk Framework, and Vulnerability Enumeration Trends; ISO/IEC 27034, CERT
  • Secure Coding Standards, OWASP Secure Coding Practices
MINIMUM QUALIFICATIONS
Must be eighteen years of age or older.
Must be legally permitted to work in the United States.

Additional Minimum Qualifications:

Must be legally permitted to work in the United States

Education Required:

The knowledge, skills and abilities typically acquired through the completion of a bachelor's degree program or equivalent degree in a field of study related to the job.

Years of Relevant Work Experience:
5 years

Physical Requirements:

Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.

Knowledge, Skills, Abilities and Competencies:
Attracts Top Talent: Attracting and selecting the best talent to meet current and future business needs
Balances Stakeholders: Anticipating and balancing the needs of multiple stakeholders
Builds Effective Teams: Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals
Business Insight: Applying knowledge of business and the marketplace to advance the organization s goals
Collaborates: Building partnerships and working collaboratively with others to meet shared objectives
Communicates Effectively: Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences
Develops Talent: Developing people to meet both their career goals and the organization s goals
Drives Engagement: Creating a climate where people are motivated to do their best to help the organization achieve its objectives
Drives Vision and Purpose: Painting a compelling picture of the vision and strategy that motivates others to action
Manages Ambiguity: Operating effectively, even when things are not certain or the way forward is not clear
Organizational Savvy: Maneuvering comfortably through complex policy, process, and people-related organizational dynamics
Situational Adaptability: Adapting approach and demeanor in real time to match the shifting demands of different situations


We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

Apply on the Company Site
Powered ByLogo

Featured Jobs[ View All ]

Featured Employers [ View All ]