Reporting to the Director of Security Engineering & Delivery this role will develop and manage our Application Security and Vulnerability Management program. Manages a team responsible for developing and implementing protocols that comply with established policies, procedures and standards of the specified area of IT. Effectively collaborates with other members of the team, customers and/or stakeholders to align work efforts, develop/execute tactical plans that enable successful business operations. Actively collaborates across IT and business areas within area of specified responsibility to ensure successful results of designated initiatives are achieved. Ensures accurate accounting of and appropriate deployment of resources. Outcomes managed have an impact on the specified area of responsibility. Job Responsibilities
- Manages the daily operational activities that develop and implement tactical plans for multiple components/processes for a specified area within IT. Develops protocols to support established standards. Oversees team(s) assigned to projects and may manage implementations. Ensures resources are accurately allocated in line with tactical plans and appropriately accounted for at all times.
- Performs as subject matter advisor and may serve as point of escalation and become actively involved, as required, to meet schedules and resolve problems highly complex in nature. Manages issues proactively, including timely resolution and the identification of remediation opportunities. Identifies and resolve systemic issues to prevent them from repeating.
- Ensures delivery against agreed upon SLAs and overall service delivery of operational activities. Understands short and long-term goals and objectives and recommend technical solutions and services. Maintains organization's effectiveness and efficiency by defining, delivering, and supporting strategic plans for implementing information technologies.
- Develops and proposes options with pros/cons and risk, and works with stakeholders to finalize the best solution that meets business needs.
- Establishes credibility with partners while managing expectations. Ensures frequent, continuous and effective communications with team members, within IT, and with stakeholders to set expectations and negotiate priorities appropriately, via both formal and informal channels / mechanisms.
- May develop budget for functional area. Manages budget to plan. May be accountable for area budget and delivering against business goals/objectives.
- Participates in and contributes to the development of technical/business approaches and/or the recommendation of current system enhancements.
- Understand the underlying technologies and applications utilized within specified area of responsibility to direct how to design, develop, test, and implement priority technology requirements.
- Shares information cross-functionally to improve workflow processes. Interacts with direct reports and peers in management / customers / vendors to share information and improve cross-departmental processes.
- Stays abreast of industry leading best practices and brings them to the attention of the leadership team for innovative application. May develop partnerships (and relationships) with internal and external stakeholders to meet business needs.
- Allocates available resources to meet operating objectives. Develops and mentors staff through on-boarding, open communication, training and development opportunities and performance management processes; builds and maintains employee morale and motivation; ensures the team is appropriately staffed with required competencies; fosters a diverse and inclusive workplace.
Walgreens, one of the nation's largest drugstore chains, is included in the Retail Pharmacy USA Division of Walgreens Boots Alliance, Inc., the first global pharmacy-led, health and wellbeing enterprise. More than 10 million customers interact with Walgreens each day in communities across America, using the most convenient, multichannel access to consumer goods and services and trusted, cost-effective pharmacy, health and wellness services and advice. Walgreens operates 8,175 drugstores with a presence in all 50 states, the District of Columbia, Puerto Rico and the U.S. Virgin Islands. Walgreens omnichannel business includes Walgreens.com. Approximately 400 Walgreens stores offer Healthcare Clinic or other provider retail clinic services.
As the neighborhood drugstore and retailer, our goal is to make health and happiness simpler, easier and within reach. And we remain a trusted wellness provider offering convenient access to important health services, such as immunizations and an array of pharmacy services that can help patients improve their health. To our team members, Walgreens represents a unique opportunity to excel in their careers in a welcoming and inclusive environment. We offer the chance to work in a truly supportive environment, and be a part of a progressive organization dedicated to the well-being of our customers, team members and the communities we all call home. Basic Qualifications
- Bachelor's Degree and at least 5 years of experience in IT, Accounting, Finance, Consulting, Strategy and/or Analytics OR a High School Diploma/GED and at least 8 years of experience in IT, Accounting, Finance, Consulting, Strategy and/or Analytics.
- Experience establishing and maintaining relationships with individuals at all levels of the organization.
- Experience using time management skills such as prioritizing/organizing and tracking details and meeting deadlines of multiple projects with varying completion dates.
- Experience analyzing and reporting data in order to identify issues, trends, or exceptions to drive improvement of results and find solutions.
- Experience identifying operational issues and recommending and implementing strategies to resolve problems.
- At least 2 years of experience in indirect management of team members, including assisting in the development, training and assignment of work/projects to other team members.
- Willing to travel up to 10% of the time for business purposes (within state and out of state).
- Bachelor's degree in IT, IS, Mathematics or Computer Science
- Master's degree OR MBA
- Security evangelists who can translate and effectively communicate security concepts that is meaningful to many audiences, including business and technical leaders and individual contributors
- 5+ years of relevant application security or application development experience
- 5+ years of experience in performing vulnerability assessments and penetration tests
- Information security certifications: GSSP-.NET, GSSP-Java, CISSP, OSCP, CISM, SSCP etc. are preferred
- Knowledge in developing requirements, creating SOW's, selecting vendors and managed internal/external penetration testing programs
- Solid understanding of network design and architecture
- Knowledge integrating security tools, standards and processes into the Software Development Life Cycle (SDLC) in both an Agile and Waterfall development model
- Knowledge of and ability to speak to standard vulnerability & exploit framework (ex: CVSS, OWASP Top 10, CWE 25, WASC TCv2)
- Knowledge of industry standards and regulations including FFIEC, SOX, and ISO27001, NIST, CIS, PCI
- Familiarity with a variety of development, testing, vulnerability scanning and scripting tools
- Knowledge producing metrics reporting the state of application security programs and performance of development teams against requirements
- At least 1 years of experience planning, developing, and managing departmental expense and capital budgets.
- At least 1 year of experience directly managing people, including hiring, developing, motivating, and directing people as they work.