Sr Security Engineer
This individual devises solutions to complex security and business needs while aligning with Grainger strategies, policies standards, guidelines and procedures. This individual highlights and leads the remediation of significant gaps in the security of a large enterprise.
Creates solutions for cross-enterprise complex problems in the areas of:
* Application Security
* Infrastructure / Endpoint Security
* Cloud Security
* Database Security
Gives guidance to and mentors SOC Analyst and Engineers. Provides guidance and security consulting services to IT leadership.
Provide Level III Support for escalated tickets from SOC and other engineering teams
• Collaborate with other teams as necessary to ensure customer service levels are met
• Design and development of Security Solutions to protect Grainger IT assets (Americas)
• Work closely with Infrastructure OR Software Delivery engineering teams to ensure security requirements are understood and built into the design of other enterprise services
• Forecast and Establish technical requirements in concert with Architecture and Risk Management for Connectivity (intra and intercompany), Internet facing solutions, Infrastructure, Application, eCommerce, Mobility, Cloud, etc.
• Provide subject matter expertise for Architecture, Planning and Roadmap sessions
• Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies
• Document solutions engineered to be handed off to SOC, and other Engineering support organizations
• Own Security aspects of Software OR Infrastructure Delivery lifecycle
• Perform product and solution life cycle management ensuring capacity, integrity and availability of all systems.
• Lead the execution of more complex multi-platform changes
• Participate in projects as required; analyze, design, develop and implement security solutions which protect the information assets while enabling business functionality
• Lead/direct IT infrastructure OR application penetration testing using standard tools and procedures
• Perform Root Cause analysis for security or availability failure and direct the remediation of Security related causes
- Bachelor’s degree in Information Systems or related degree, or equivalent job experience.
• 2 years of experience in Security solution design, implementation and troubleshooting across all computer platforms.
• 5 years of experience in Security technology implementation and troubleshooting across all computer platforms
• 5 or more years required of combined IT and security work experience with a broad exposure to infrastructure/network and multi-platform environments.
• Experience and hands-on working knowledge with a variety of security technologies and processes including but not limited to Firewall, VPN, SEIM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, forensics software, and security incident response.
• Understanding of Cloud solution best practices and integration techniques
• GIAC and ISC2 certifications such as CISSP are highly preferred.
• Good understanding of Risk and Compliance framework, regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS)
• Highly self-motivated
• Strong attention to detail
• Ability to effectively prioritize and execute tasks in a complex environment
• Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices, etc.
“Grainger is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, sexual orientation, disability, or protected veteran status.”
Job Segment: Information Systems, Consulting, Risk Management, Testing, Database, Technology, Finance