Security Analyst II

Date: Jan 13, 2021

Location: LAKE FOREST, IL, US, 60045-5201

Company: Grainger Businesses

Security Analyst II – Cyber Incident Response Team

As the Cyber Incident Response Team, our primary mission is to monitor and respond to cyber security events generated from our global enterprise security tools and systems.


Principal Duties & Responsibilities  

  • Participate as a member of the global incident response team in protecting the confidentiality, integrity, and availability of Grainger information assets while enabling business functionality.
  • Accurately record all interactions in the incident management tracking tool.
  • Provide real-time monitoring and timely response to alerts and anomalies generated by security tools.
  • Evaluate and escalate events and incidents based on established escalation procedures, playbooks, etc.
  • Identify and develop new security detection use cases, playbooks, and alerts for use within the SIEM (Splunk).
  • Partner with internal and external teams and vendors to solve complex security problems. 
  • Help standardize documentation for support of assigned systems and applications and help to facilitate understanding and use.
  • Assist in security project implementation for testing, monitoring, log ingestion, and reporting purposes.
  • Provide direction on the usage of third-party security solutions/tools/services with remote support providers and integration techniques. 
  • Contribute to the evaluation of new or updated security solutions.
  • Prioritize and execute tasks in a complex, often remote, work environment.
  • Perform special assignments as required.

Preferred Experience  

  • 1 or more years working in a security operations center or incident response role would be ideal.
  • 3 or more years of IT administrative work or IT security work with a broad exposure to infrastructure/network and multi-platform environments. Hands-on working knowledge of at least three platforms including but not limited to Cloud Services, Windows Server, Unix/Linux, and Apple OSX environments.
  • Splunk experience, certifications, and administrative skills are a plus.
  • SOAR experience (Phantom, Demisto, etc.) and SOAR programming knowledge are a plus.
  • Familiarity with audit support and response, and regulatory compliance (SOX and PCI-DSS).
  • Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices, etc.

“Grainger is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, sexual orientation, disability, or protected veteran status.”