Albertsons-Safeway Company is one of the largest food and drug retailers with 2,300+ stores. The Albertsons-Safeway family of brands includes some of the most prominent brands in food retailing, with a growing base of loyal shoppers. Thanks to the professionalism, diversity, spirit and friendliness of our people, we have locations across the U.S.
The Information Technology Department has an opening for an Information Security Analyst. This position is located in Phoenix, Arizona or Pleasanton, California.
The InfoSec Analyst will be responsible for working with Information Technology (IT) and business organizations to shape organizational control policies standards, and provide guidance and consultation in a risk adverse and fiscally responsible environment. This includes but is not limited to: Managing large scale risk/security assessments and projects to validate and remediate identified risks, performing interviews, documenting design assessments and walkthroughs of key controls (both new and existing), and leading cross-functional remediation teams in developing processes using requirements gathered from clients and engineering.
Develop sustainable strategies and measurement systems to ensure that risk management techniques and strategies can continue to be maintained over time. Will foster and nurture trusted relationships with Business Partners, Company IT Executives, CISO and other Risk & Compliance Team Members to gain consensus approvals on strategies, recommendations, findings, project plans, etc.
Key Responsibilities include, but are not limited to:
- Enforce and interpret security policies, procedures and regulatory requirements by performing project, application, and systems security risk and compliance assessments.
- Mitigate vulnerability and configuration deficiencies by conducting investigations of possible security exceptions.
- Run, participate in, and run security awareness efforts and programs.
- Implement, update, maintain, document, and improve security programs.
- Maintain awareness of existing and proposed security standard setting groups, State, Federal and international legislation and regulations pertaining to information security, data privacy, and retail and pharmacy operations.
- Drive and enhance department efficiency and throughput for projects and programs.
- Perform assessment and/or implementation of appropriate security methods and control techniques such as password and access management, segregation of duties, logging and monitoring, data encryption, data backup and recovery.
- Prepare status reports for management on security matters, and develop security risk analysis scenarios and response procedures.
- Perform periodic assessments of information systems, people and processes to identify security vulnerabilities and develop and execute remediation action plans.
- Provide security consulting and project management services on complex issues that involve combinations of platforms and computing environments, especially in areas of e-commerce, cloud based solutions, and mobile technologies.
- Educate IT and the business about security policies and consults on security issues regarding user built/managed systems.
- Assist customers in identifying security controls for the company's networks, application systems, encryption and key management, infrastructures, authentication and authorization.
- Act as a liaison to the business and IT groups and assists them in the implementation of data privacy, compliance requirements, and information security technologies and applications security.
- May lead projects and provide guidance/training to less experienced staff
- 4-year degree (Computer Science, Information Systems or relational functional field) and/or equivalent combination of education or work experience.
- 7+ year's general information technology experience.
- 5+ years of professional Information Security experience focused on security risk, compliance assessment and remediation.
- 5+ years of professional experience with security tools.
- No direct management responsibility, but is highly accountable for the effectiveness, quality and timeliness of project design decisions and how easily these designs can be implemented.
- Professional certifications desired (CISSP, ISACA, GSEC, others).
- Exceptional analytical ability, communication skills and the ability to work effectively with client, IT management and staff, vendors and consultants.
- Strong knowledge of networking, databases, systems, applications, mobile, SaaS and other cloud technologies.
- In-depth knowledge of data security and protection techniques.
- In-depth knowledge of application security, including integration with DevOps practices.
- Strong knowledge of industry frameworks and best practices (ISO, NIST, ANSI X9; and/or others).
- Strong knowledge of regulatory requirements and compliance (PCI, SOX, HIPAA, and/or GLBA).
- Expert in several security and compliance domains.
- Strong knowledge of retail, pharmacy and healthcare operations is a major plus.
- Extensive experience working with diverse groups within dynamic organizations in both IT and business areas.
- Extensive experience building collaboration solutions for geographically dispersed teams.
How to Apply: Interested candidates are encouraged to submit a resume by visiting careersatsafeway.com
Diversity is fundamental at Albertsons-Safeway. We foster an inclusive working environment where the different strengths and perspectives of each employee is both recognized and valued. We believe that building successful relationships with our customers and our communities is only possible through the diversity of our people. A diverse workforce leads to better teamwork and creative thinking, as well as mutual understanding and respect.
The Albertsons-Safeway policy is to provide employment, training, compensation, promotion and other conditions of employment without regard to race, color, religion, sexual orientation, gender identity, national origin, sex, age, disability, veteran status, medical condition, marital status or any other legally protected status.
We support a drug-free workplace -- all applicants offered a position are required to pass a pre-employment drug test before they are hired.
AN EQUAL OPPORTUNITY EMPLOYER