Security Analyst

About Grainger:

Grainger is a leading broad line distributor with operations primarily in North America, Japan and the United Kingdom. We achieve our purpose, We Keep the World Working®, by serving more than 4.5 million customers with a wide range of products that keep their operations running and their people safe. Grainger also delivers services and solutions, such as technical support and inventory management, to save customers time and money.

We're looking for passionate people who can move our company forward. As one of the 100 Best Companies to Work For, we have a welcoming workplace where you can build a career for yourself while fulfilling our purpose to keep the world working. We embrace new ways of thinking and recognize everyone is an individual. Find your way with Grainger today.

Position Details:

Grainger’s Cybersecurity Operations Center (CSOC) is a dynamic, collaborative group that focuses on teamwork and learning while protecting Grainger. Our primary mission is to monitor and respond to cybersecurity events generated from our global enterprise security tools and communicate findings to other information security teams to guide tuning, tool effectiveness, and industry best standards.  This position reports directly to the Manager of the Cyber Security Operations Center.

You Will:

• Participate as a member of the CSOC in protecting the integrity, and availability of Grainger information assets while enabling business functionality 24x7x365.
• Execute regular incident response and postmortem exercises, with a focus on security posture, tool effectiveness, and documentation.
• Provide real-time monitoring and prompt response to alerts and anomalies generated by security tools, looking for tactics, techniques, and procedures (TTPs) of threat actors across a large global network.
• Evaluate and escalate events and incidents based on established criteria, procedures, and playbooks.
• Develop new security detection use cases and alerts for use within our SIEM (Security Information and Event Management)
• Document security incident technical details throughout all phases of incident response.
• Update the CSOC process documentation to share best practices among the team
• Support security project testing, monitoring, log ingestion and reporting purposes.
• Contribute to the evaluation of new or updated security solutions.
• Build tasks in a complex, often remote, environment.
• Perform special assignments.   

You have:

• 2 or more years of IT administration work experience with a broad exposure to infrastructure/network and multi-platform environments.
• 2 or more years of hands-on knowledge of at least two operating systems including Windows 10/11/Server, Linux, and macOS.
• Security certifications (Security+, GSEC).
• SOAR, SIEM, Programming (PowerShell, Python) skills.
• AWS (Amazon Web Services), Azure, GCP (Google Cloud Platform) experience.
• Familiarity with audit support and response, and regulatory compliance (SOX and PCI-DSS).
• Experience with standard business processes including Change .Management, Problem Management, Work prioritization, Quality Assurance, Continuous Improvement. 

Rewards and Benefits:

With benefits starting day one, Grainger is committed to your safety, health and wellbeing. Our programs provide choice to meet our team members' individual needs. Check out some of the rewards available to you at Grainger.

• Medical, dental, vision, and life insurance coverage starts day one
• Paid time off (PTO) days and 6 company holidays per year
• 6% 401(k) company contribution each pay period
• Education assistance, including financial counseling, tuition reimbursement and low-cost degree options
• Employee discounts, parental leave, and more

DEI Statement

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.