Network and Cloud Security Architect

*We are unable to sponsor for this permanent Full time role*

*Position is bonus eligible*

Prestigious Enterprise Company is currently seeking a Senior Network and Cloud Security Architect. Candidate will be a go-to resource for teams seeking deeper clarity, potential solutions, or recommendations for meeting security requirements when path forward is uncertain.

Responsibilities:

• Security analysis and guidance from within the Security Team.
• Constructive review of existing environment standards, designs, tools, and services to determine areas of weakness, inconsistency, or exposure, this while offering recommendations for IT remediations and maturity.
• Thoughtful analysis and alignment with Security Operations and GRC to ensure alerting, metrics, and reporting are conveying information to further reinforce security standards or identify deviations.
• Defining security architecture, standards, and solutions within one or more domains
• Develop conceptual and logical security architectures to inform and influence product selection and application
• Create and document technical security standards, policies, procedures, and processes
• Support the analysis and implementation of security standards to establish repeatability and consistency across the technology ecosystem.
• Continuous analysis of future-state security requirements tied to product roadmaps, strategies, and business initiatives.
• Design and advocate for modern approaches to network and infrastructure security
• Develop patterns, strategies, and roadmaps aligned to Grainger's technology and business goals
• Perform risk assessments and identify capabilities needed to address current and anticipated challenges to our networks and infrastructure

Qualifications:

• Firewalls, networking, routing, load balancers, and related
• Zero trust, zone-based architecture, defense in depth, SASE, SSE, and micro-segmentation
• Identity-based network access, time-bound access to networks, and NAC
• Wireless technologies, 802.1x, WPAx, and wireless in IoT and industrial applications
• Intrusion detection/prevention, threat protection, application and content identification
• Web application Firewalls (WAF), application and reverse proxies, DDoS protection strategies
• SaaS cloud service security (O365, Salesforce, ServiceNow, etc.)
• AWS, Azure, Google Cloud Platform, and other commodity IaaS vendors
• NIST 800-53, NIST CSF, ISO 27001, PCI-DSS, HIPAA, etc.
• SABSA, TOGAF, and enterprise architecture frameworks
• Frameworks such as MITRE ATT&CK and OWASP ASVS, with the ability to articulate how the frameworks assist in enhancing security.
• Vulnerability management technologies and secure development tools.
• Threat modelling methodologies and frameworks
• Server, database, and infrastructure security and resiliency
• Kubernetes and containers
• Internet of Things (IoT), Operational Technologies (OT) and industrial controls
• Bachelor's Degree in Computer Science (related) or equivalent experience as a hand-on security architect/senior security engineer.
• 7+ years of IT Security Experience. Industry certifications are highly desired (ie CISSP, CCSP, or other advanced-level certifications).
• Highly technical and analytical expertise, with a proven background in security technology design, implementation, and delivery. This individual must be comfortable providing metrics, analysis, and quantitative/qualitative evidence to drive an expected security outcome.