Grainger is North America’s leading Maintenance Repair & Operating provider and we are the 10th largest North American E-commerce player with over 50% of our revenue coming from online transactions. Within the Enterprise Systems team we use technology to support the ever-changing and dynamic needs of a supply chain carrying 1.5 million products and an employee base of 25,000+; and we are committed to delivering technical solutions to support the business in its mission to stay atop. We deliver technology solutions across the enterprise including our call centers, branch network, sales, and our various digital channels. The team supports over 1000 applications across the network and operates in an agile environment to deliver complex solutions quickly and seamlessly. The team of 500+ is comprised of Infrastructure + Operations, Cyber Security, Technology Planning, Architecture and Engineering and are built in a way to support the dynamic and ever changing customer landscape.
Security Operations Analyst
This individual devises solutions to complex security and business needs while aligning with Grainger strategies, policies standards, guidelines and procedures. This individual highlights and leads the remediation of significant gaps in the security of a large enterprise.
Principal Duties & Responsibilities
- Participate as a member of the global security operations team in protecting the integrity and confidentiality of Grainger information assets while enabling business functionality in all systems and environments by supporting applicable security solutions.
- Assist in security project implementation for testing, monitoring and reporting purpose
- Provide direction on the usage of third party security solutions/tools/services with remote support providers and integration techniques.
- Partner with MSSP/external vendors providing SecOp services.
- Contribute in the evaluation of new or updated security solutions with engineering.
- Evaluate and escalate events and incidents to the Security Administration and Engineering teams based on established escalation procedures.
- Provide real-time monitoring and timely response to alerts and anomalies generated by security tools
- Identify and develop new security detection use cases, playbooks, and alerts for use within the SIEM.
- Supports departmental and corporate goals by meeting key performance indicators and defined metrics
- Fully support and follow Change Management processes and procedures
- Help standardize documentation for support of assigned systems and applications and help to facilitate understanding and use within level one support organization
- Accurately record all interactions with customers in the incident management tracking tool
- Perform special assignments as required
Preferred Education & Experience
- Preferred experience of 2 or more years of working in security operations center or incident response role with experience participating as a member of an incident response team
- 3 or more years required of IT or IT security work experience with a broad exposure to infrastructure/network and multi-platform environments. Hands on working knowledge of at least two operating systems including but not limited to Windows Server, Unix/Linux, and Apple OSX environments required.
- 3 years of experience (minimum) and hands-on working knowledge with a variety of security technologies and processes including but not limited to Firewall (such as Check Point, Fortinet, Cisco ASA, Palo Alto, Juniper), VPN, SEIM (Splunk), HIDS, malware analysis and protection, content filtering, logical access controls, data loss prevention (such as Symantec, RSA, McAfee), content filtering technologies, application firewalls (such as F5, Imperva), vulnerability scanners, forensics software, and security incident response.
- GIAC and ISC2 certifications such as CISSP are highly preferred.
- Splunk certifications are preferred.
- Familiarity with audit support and response, and regulatory compliance (Sarbanes-Oxley (SOX) and PCI-DSS)
- Highly self-motivated
- Strong attention to detail
- Ability to effectively prioritize and execute tasks in a complex environment
- Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices, etc.
- Strong client relationship management skills
- Strong analytical and problem-solving skills
- Strong verbal and written communication skills
- Strong interpersonal and conflict management skills
“Grainger is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, sexual orientation, disability, or protected veteran status.”