Tech Lead, Digital Support Security (Web Application Security)

San Francisco - California

Date Posted: Nov. 01, 2018

Requisition ID: MAC12809

Job Overview:
A Technical Lead within Digital Support Security is a hands on security solutions developer, who is part of the Core team to provide and lead application and operational security support of both customer facing and non-customer facing areas. He/She will be involved in the design and development of several critical applications and is an influencer in decision-making for enterprise wide initiatives. The successful applicant will closely work with Engineering, Operations, Infrastructure, and other Technical Teams in a highly collaborative environment to provide rapid response and resolution to production emergencies. Additional responsibilities include providing technical leadership for onsite and offshore teams and other contract team resources. Perform other duties as assigned.
Essential Functions:
• Provide technical leadership for security operations and solutions on a daily basis.
• Play an active role on pilot initiatives to build internal tools to detect and mitigate threats and/or various attack vectors.
• Be the representative on production calls for the support team to track, manage, trouble-shoot and fix production issues both short term and long term.
• Provide on-call support on a rotation basis during off-hours as needed to supplement dedicated 24/7 team.
• Monitor production issue queue on a rotation basis and work with business team to prioritize, analyze and manage them to closure.
• Individually accountable for delivery on assigned projects.
• Regular, dependable attendance & punctuality. 
• Bachelor's degree in Computer Science or Engineering preferred and 8 years of related experience or an equivalent combination of education and experience.
• 8+ years of experience in full life cycle development of Java/J2EE based projects.
• 2+ years of hands on experience in detecting and remediating security threats and vulnerabilities.
• Experience with Akamai WAF, OWASP Top 10, SIEM, Fraud, SSL, and Certificate Management is a strong plus.
• Strong networking fundamentals with solid understanding of HTTP, TCP/IP, DNS, LoadBalancers, Proxy servers etc is required.
• 2+ years of experience with Monitoring tools like DynaTrace, Splunk, KeyNote is preferred.
• Prior security NOC experience is a plus.
• CISSP certification a strong plus.
Communication Skills:
• Ability to effectively communicate technical issues and recommend solutions to all levels of business, sometimes during high stress situations.
Reasoning Ability:
• Strong analytical and problem solving skills a must.
Other Skills:
• Familiarity with private/public cloud platforms is desired.
• Ability and desire to thrive in a proactive, high pressure, customer-facing environment.
Work Hours:
• Ability to work a flexible schedule based on department and company needs.
Company Profile:
As the fastest growing part of Macy's Inc. business, is achieving record sales and broadening our workforce. With offices in New York and San Francisco, is the best of all worlds. The entrepreneurial thinking of a Web business complements the stability and support of a national brand. Creativity and ingenuity partner with business acumen and tech savvy to build a unique business poised for continued growth. Employees at have long term opportunities and are encouraged to utilize their Supervisors and Human Resources for cross-functional movement to further their careers. At we are committed to giving back to the community by partnering with local charitable organizations.  By skillfully combining the power of the Internet with the best in retailing, is reaching new heights.
This job overview is not all inclusive.  In addition, Macy’s, Inc. reserves the right to amend this job overview at any time.  Macy’s is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.  Macy’s, Inc. – including Macy’s and Bloomingdale’s – will consider for employment qualified applicants with criminal convictions in a manner consistent with SFPC Art. 49 and LA MC ch.XVIII Art. 9.