Manager, Security Operations
Primary Function:
This position will Manager the Grainger Global Security Operations Center (SOC) team and manage relationships with external security providers.
This role provides updates related to significant security incidents to senior leadership in the business, communications, legal and security organizations.
The team managed by this role is responsible for 24/7 full time monitoring and protection of Grainger US and subsidiary data globally and is responsible for operational security-related tasks/change execution.
Principal Duties & Responsibilities:
- Supervise and participate in day-to-day information security operations, including monitoring, analysis, detection and escalation of security risks and threats to Grainger systems and business
- Coordinate information security incident response team, as well as serve as the Grainger point-of-contact for information security operational requests
- Provide overall direction during execution of the incident response process, providing advanced analysis and direction, facilitating appropriate escalations and serving as the conduit for event communications to management.
- Direct completion of post mortem analysis, document findings and provide recommendations to proper security and infrastructure teams for appropriate corrective actions.
- Provide coordination of operational tasks from requests to execution ( including providing hands/feet support for external vendor)
- Oversee the vendor who provides Managed Security Services
- Ensure security monitoring and incident response systems (SIEM) are maintained in a state of readiness
- Manage and monitor Enterprise Endpoint protection (AV/Malware, Client Firewall, Internet and DMZ firewall, Intrusion Detection etc.)
- Manage Vulnerability scanning and reporting
- Maintain relationships with technology vendors supported by SOC
- Oversee and maintain relationship with external incident response vendor
- Coordinate information security incident response team, as well as serve as the Grainger point-of-contact for information security operational requests
- Provide operational metrics
- Build strong working relationships with other IT teams (Client Platform Support, Mobile, Server, Network, Software Delivery) to work on security tasks
- Champions continuous improvement within SOC, identifying automation opportunities and tools that could improve the ability of the team to detect and react to events
- Direct the building and update Security Operations SOPs
Preferred Education & Experience:
- Five (5) years of technical experience in a security related technical field
- Strong analytical and problem solving skills with the ability to synthesize big picture and detailed technical issues rapidly and accurately. Ability to multi-task, effectively prioritizing and executing tasks in a high-pressure environment.
- Ability to communicate situation reports to both highly technical and non-technical individuals so that each has a clear understanding of the situation, the impact and next steps.
- CISSP (or CISM), ITIL, GCIH /GIAC certifications recommended
- Has lead a security team of 3 or more individuals for at least 3 years
- Demonstrated ability to motivate, mentor, coach and lead technical teams
- Strong continuous improvement problem-solving and mentoring skills
- Strong verbal and written communication, facilitation, and interpersonal skills
“Grainger is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, sexual orientation, disability, or protected veteran status.”