Description
Delivery Solutions is a Retail eCommerce OXM Platform that provides retailers with out-of-the-box solutions to power Same-Day Delivery, Curbside, In-Store Pickup, Shipping, and post-purchase experiences. We are trusted with some of the biggest names in multiple verticals of retail like Sephora, AT&T, Footlocker, Michael's, Office Depot, GameStop, Total Wine, Sally Beauty, Abercrombie & Fitch Co. Belk, Loblaw, Vineyard Vines etc.Our SAAS-based solution is highly flexible and interacts seamlessly with E-commerce properties, OMS, WMS, and POS systems for a highly scalable experience and a delighted customer base.Delivery Solutions is a wholly-owned subsidiary of UPS | We are a certified Great Places To Work CompanyJob Summary: Looking for an Senior Software Engineer - Security and Privacy to lead the design and implementation of security and privacy frameworks, ensuring data protection and compliance across systems. This role involves guiding a team in securing sensitive information and mitigating risks.Essential Duties and Responsibilities:StrategyContribute to the development and review of the system's capability to meet security requirementsPresent analysis and recommended controls to address gaps or deficienciesTranslate regulatory, compliance, and legal requirements into system designs and processes Identify and apply security controls to the technology solutions to achieve security complianceDevelop security designs for systems and networks to effectively address security requirements driven by multiple classification levels of dataIdentify leading solutions and new security architecture patterns to achieve optimal security posture and meet business needsEstablish policies around incident response, vulnerability management, risk assessment, etcExecutionApply the trust level for all users and administrators of the system and all systems to ensure security posture and privilegesSetup alerting to detect malicious activities in any of the assetsAnalysis of results of SAST, VAPT, and security tool findings and provide recommendationsAssess security incidents and provides management with guidance to ensure effective responseAchieve ISO, SOC2, GDPR, Cert-In, and external VAPT complianceToolsOptimally use security tools available to achieve the security and compliance posture requiredDrive security intelligence efforts to explain patterns and trends to improve the ability to prevent and circumvent potential attacksEnsure all security tools related to EDR, Antivirus, and Compliance are properly in place & workingEnsure regular review of the security objectives and work towards rectifying shortcomingsEvaluate and initiate efforts to detect patterns to predict, identify, and define potential riskLeadershipKnowledge of cyber-security frameworks, risk management frameworks, and related standards and guidance to defend proposed security architecture patterns from a risk management perspective.Answer security questionnaires sent by customers and evaluate the security posture of vendorsEstablish runbooks to mitigate the impact of malicious activities. Find the root cause and execute the next steps to ensure such activities do not repeatParticipate in prioritization exercises and provide technical solutionsBe a security evangelist in the company through training and guidance about security itemsEducation and/or Work Experience Requirements: At least 4+ years of experience in SecOpsProven ability to achieve compliance with ISO or SOC2 or any such security standardsKnowledge of CCPA / GDPRCertifications related to security processes and operationsExperience with EDR, Antivirus, and remote mitigation of threatsExperience with setting up and governance of security processesUsed Crowdstrike, QRoC, Qualys, Sysmon tools, AWS Security Hub, AWS Guard DutyProven experience in the mitigation of a security incident
