Sr Manager, Business Security Integration

ARE YOU A CURRENT US FOODS EMPLOYEE? PLEASE APPLY DIRECTLY THROUGH OUR INTERNAL WORKDAY CAREER SITE

Join Our Community of Food People!

At US Foods, innovation and technology is our superpower. By expanding our digitalecosystem and leading with a customer-firstmindset, we’re delivering technology thatempowers our customers and simplifies business. As we transform the digital landscapeof the foodservice industry, we’re outpacing our competitors faster than ever before.

We believe diversity is the cornerstone of creativity and innovation—and we foster anopen, inclusive,flexible work environment that supports our transformation.


The Sr Manager, Business Security Integration role leads security integration across US Foods Digital and Technology (DigiTech) organization and its value streams, with a focus on Digital Commerce and their initiatives. This role is responsible for setting standards, developing metrics to measure the success of security integration function, and managing the security integration team.

Flexible Work Policy: The work for the Sr Mgr Business Security Integration position is completely 100% remote anywhere in the United States except Hawaii or United States Territories. This position may have the potential to travel up to 20% dependent on business needs.

RESPONSIBILITIES

• Lead the Business Security Integration Function on the Information & Cyber Security Team

• Establish key standards, measure performance metrics and develop consistent reporting on the effectiveness of the Business Security Integration function and the security posture of each DigiTech value stream

• Act as single point of contact in security for Digital Commerce value stream and provide an escalation path for significant security concerns and inquiries

• Consult on strategic initiatives in the Digital Commerce value stream to ensure comprehensive end-to-end risk identification and risk management

• Help execute the security program in collaboration with Value Stream partner by identifying and remediating risks in accordance with security policies and standards

• Understand business requirements for Value Stream partner and provide security expertise to decision making and road mapping

• Evangelize and enhance a secure culture in the Digital Commerce value stream as it relates to their line of business and potential impacts, whether regulatory or possible cyber-attacks

• Prioritize and manage findings from: audits, risk assessments, penetration tests, and other internal discovery and drive remediation of issues with the Value Stream partners

• Present monthly to Value Stream Lead, sharing prioritized gap analysis, remediation plans and areas of success

• Coach Product Teams to mature their understanding and use of security tools and information

• Understand and articulate impacts to value stream partners in strategy and roadmap conversations within the Information and Cyber Security Team

• Promote security mission, evangelize security culture, and participate/support objectives for Digital Commerce

SUPERVISION :

• Business Information Security Leads

RELATIONSHIPS

• Internal: Information and Cyber Security Team, Digital Commerce, Internal and external audit, Security Engineering, Security Architecture, Cloud/DevSecOps, Data, IT PMO and Product Teams, Business Continuity, Enterprise Risk Management

• External: Technology vendors, including software and service providers; customer risk management representative, relevant managed security services, and professional services vendors, value stream vendors

WORK ENVIRONMENT

• Remote: This role is fully remote, and the associate is expected to perform assigned responsibilities from a home-based environment.

MINIMUM QUALIFICATIONS

• 7 years of information security experience

• People leadership or management experience

• Broad foundational knowledge in many information and cyber security domains with priority given to security risk management and application security

• Familiarity with compliance requirements (PCI, HIPAA, SOX, etc.) and with security frameworks such as NIST CSF, ISO 27001, CIS, etc.

• Demonstrable experience in building positive working relationships with leaders and associates across multiple areas of the business

• Demonstrable ability to lead and mentor a team, ensuring the successful professional development of direct reports by mentoring, providing career guidance, and making decisions that reflect the policies of the Information and Cyber Security Team

• Experience developing, measuring, and tracking key performance metrics, preferably in a cybersecurity program

• Ability to present complex security topics to a variety of audiences, from developers to senior technical leaders, up to executive leadership in Digital and Technology organization

• Ability to advise, collaborate, and work in a team environment enabling others to trust your input and seek your guidance

• Ability to influence without authority to drive desired outcomes

• Experience executing security compliance plans, vulnerability management programs, risk management lifecycle, and/or security assessment/governance processes

• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively

• Proactive self-development, staying current on evolving threat landscape, security trends/best practices, and dynamic regulatory requirements

• Highly organized, efficient, and attention to detail

• Strong written and verbal skills enabling effective communication with different levels of leadership

EDUCATION

• Bachelor’s degree from an accredited college/university or equivalent professional experience required

CERTIFICATIONS/TRAINING

• Preferred but not required: SANS GSEC, GCIA (or related), CISSP, ISACA certifications (e.g., CISA, CISM, CRISC)

PREFERRED QUALIFICATIONS

• Experience as a Business Security Officer or leading a Business Security Office team

Compensation depends on relevant experience and/or education, specific skills, function, geographic location, and other factors as applicable by law. The expected base rate for this role is between $95,000 - $155,000.

This role will also receive annual incentive plan bonus.

Benefits for this role may include health insurance, pre-tax spending accounts, retirement benefits, paid time off, short-term and long-term disability, employee stock purchase plan, and life insurance. To review available benefits, please click here: https://www.usfoods.com/careers/benefits.html .

#LI-SK1

#remote

***EOE Race/Color/Religion/Sex/Sexual Orientation/Gender Identity/National Origin/Protected Veteran/Disability Status***