Kroger

Job Description

This position is integral to our active IGA program delivery. The engineer will lead the architecture and implementation of our SailPoint ISC environment, drive the integration with Azure Entra ID to ensure governance decisions are enforced accurately across our cloud identity fabric, and establish the ISC-to-ServiceNow connection to route provisioning and access requests seamlessly through existing ITSM workflows.

Responsible for defining and assessing Kroger's cybersecurity strategy with the CISO (Chief Information Security Officer) and CIO (Chief Information Officer). Monitor strategy implementation and adherence to cyber policies, standards and procedures. Provide input and help guide enterprise-wide cybersecurity awareness and communications campaigns. Demonstrate the company's core values of respect, honesty, integrity, diversity, inclusion and safety.

Responsibilities

• Develop cybersecurity strategy, plans, and roadmaps for the enterprise; facilitate integration of cybersecurity into business strategy
• Partner with BISOs (Business Information Security Officer) to work with stakeholders across the business to disseminate messaging to business units and collect feedback on strategic initiatives
• Coordinate and collaborate on cybersecurity initiatives across cybersecurity organization and other relevant functions across the enterprise (e.g., IT, Finance, Legal)
• Support the BISO and the Risk, Governance and Reporting teams with the establishment and execution of Kroger's cyber risk management framework and processes
• Work closely with CISO, IT and business senior leadership and the Board to ensure alignment on strategic initiatives
• Liaise with the CISO and CIO on materials presented to the Board to provide visibility into Kroger's cybersecurity risk
• Provide regular input to recruiting efforts for the cybersecurity organization
• Determine roles required to support work and partner with HR to help develop job profiles
• Provide input to and help guide the enterprise-wide cybersecurity awareness and communications campaign
• Work closely with Security Awareness roles to ensure effective communication method of security policies
• Monitor compliance and provide input to ensure enforcement mechanisms are in place to guide policy adherence
• Must be able to perform the essential job functions of this position with or without reasonable accommodation

Qualifications

Minimum

• Bachelor's Degree computer science, information technology, engineering or information systems
• 10+ years of experience in cybersecurity or equivalent IT experience with a Fortune 100 company
• Any experience working alongside senior leadership (i.e., CIO, CISO) in a Fortune 100 company and engaging cross-functional senior leadership
• Any extensive experience in the development of security plans and strategies for a Fortune 100 company
• Any extensive experience in the cross-functional implementation of complex security initiatives for a Fortune 100 company
• 5+ years of leadership experience in transformational information security or cybersecurity efforts with a Fortune 100 company
• Strong communications skills and ability to work across multiple business areas in concert with the cybersecurity organization
• Strong relationship, team building and facilitation skills

Desired

• Master's Degree information security or MBA
• Any experience in the development of security training courses and communications is preferred
• Any experience in the development of communications plans for change management efforts in cybersecurity or related IT field
• 2+ years supporting and implementing OT security technology and processes for a Fortune 100 company
• Cybersecurity certifications with demonstrated application of learned concepts: (ISC)2 CISSP (Certified Information Systems Security Professional)
• ServiceNow
• Entra and Sailpoint ISC