Über
The Information Security team protects all of Grainger, from our systems to our data across the global company. Our infrastructure is powered by cloud, on-premises, and SaaS platforms that keep Grainger and our customers working. We use modern tools and practices to stay ahead of evolving security challenges. The mission of the Security Architecture team is to be the strategic security design partner for Grainger’s technology. As the security architect responsible for Grainger’s cloud platforms, you will be responsible for architecting, advising on, and governing a secure cloud infrastructure supporting business needs. You will support the progressive needs of the business and provide timely, secure and cost-efficient solutions that elevate the company’s cloud security posture. An advanced role, the cloud architect will deliver resilient architectures at scale to support business initiatives. The role requires deep technical knowledge of cloud computing architecture, security principles, and cybersecurity best practices. This individual contributor role reports to the Director of Cybersecurity Architecture and may be based remotely or at our offices in the Chicago area. Compensation
The anticipated base pay range for this position is
$146,200 – $243,600 . This role is eligible for an incentive target of up to 20 % based on achievement of individual and company performance objectives. Eligibility
This position is not eligible for any form of sponsorship now or in the future. Individuals requiring sponsorship (e.g., OPT or H1B visa status) should not apply. Only individuals authorized to work in the United States now and for the foreseeable future will be considered for this position. You Will
Plan, research, and develop security architecture for cloud solutions (SaaS, PaaS, and IaaS), which may include custom in-house solutions and third-party solutions Define strategies and roadmaps to support security and company technology goals Communicate the state of cloud security posture to cybersecurity leaders, IT leaders, and other stakeholders through metrics and KPI-driven messages Develop, maintain, and enforce cloud security policies and procedures using best practices such as Cloud Security Alliance Cloud Controls Matrix, CIS Benchmarks, and cloud provider Well-Architected Framework security pillars Work with teams to define requirements, evaluate architecture, analyze trade-offs, and recommend solutions Create conceptual and logical architecture designs, including cloud security reference architectures and secure landing zone designs Assess risks through threat modeling and white‑boarding exercises with teams Evaluate products and tools through Proof of Value exercises Advise product teams on security implications of their roadmaps Partner with engineering teams, cloud platform teams, and peer architecture teams to embed security in technical decisions from design through implementation Define and maintain cloud account and subscription governance, including organizational unit structure, service control policies, and permission boundaries Design and advise on security architectures for CI/CD pipelines, including secrets management, IaC scanning, container image scanning, and artifact integrity Architect cloud-native security monitoring and logging strategies, including integration with Grainger’s SIEM/SOAR platform Evaluate and mature cloud-native security tooling to support detection, prevention, and compliance objectives Mentor peers and junior architects through design reviews, knowledge sharing, and technical leadership across the security architecture team You Have
5+ years of architecture experience, with at least 3 years focused on cloud environments 8+ years of information security experience Bachelor’s degree preferred or equivalent work experience Deep expertise in designing cloud security architectures that support the business needs of large enterprises, primarily in AWS and functional in Microsoft Azure and Google Cloud Proven experience with zero‑trust architecture principles, encryption and key management, web application firewalls, data protection, vulnerability management, API security, and Infrastructure as Code security (Terraform, CloudFormation, or equivalent) Strong understanding of cloud IAM architecture, including AWS IAM policies, service control policies, Azure Entra ID conditional access, and federated identity patterns Experience with cloud-native security tooling such as CNAPP, CSPM, CWPP, and CIEM solutions Working knowledge of container and Kubernetes security concepts, including image scanning, runtime protection, admission control, network policies, and RBAC Familiarity with CI/CD pipeline security practices, including shift‑left security integration, secrets management, SAST/DAST, and software supply chain security concepts (SBOM, artifact signing) Familiarity with security frameworks and industry standards such as CIS Benchmarks, CSA CCM, NIST CSF, and cloud provider Well-Architected Frameworks Working knowledge of AI/ML workload security, including securing data pipelines, model hosting infrastructure, and awareness of frameworks such as OWASP Top 10 for LLMs and MITRE ATLAS Working technical knowledge within the network security space, including SSE/SASE, SD‑WAN, next‑generation firewalls, enterprise routing and switching, microsegmentation, web application firewalls, and cloud‑adjacent and edge compute Design and communicate cloud security monitoring and logging architectures, including native cloud provider tools and SIEM/SOAR integration Relevant certifications preferred: CISSP, CCSP, AWS Solutions Architect, or vendor‑specific cloud security certifications (e.g., AWS Security Specialty/Network Specialty) Benefits
Medical, dental, vision, and life insurance plans beginning on day one of employment and 6 free therapy sessions each year 18 paid time off (PTO) days annually for full‑time employees (accrual prorated) and 6 company holidays per year 6 % company contribution to a 401(k) Retirement Savings Plan per pay period, no employee contribution required Employee discounts, tuition reimbursement, student loan refinancing, and free access to financial counseling, education, and tools Maternity support programs, nursing benefits, and up to 14 weeks paid leave for birth parents and up to 4 weeks paid leave for non‑birth parents Equal Employment Opportunity
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex (including pregnancy), national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, protected veteran status or any other protected characteristic under federal, state, or local law. We are proud to be an equal opportunity workplace. We are committed to fostering an inclusive, accessible work environment that includes providing reasonable accommodations to individuals with disabilities during the application and hiring process as well as throughout the course of employment. If you need a reasonable accommodation during the application or selection process, please advise us so we can provide appropriate assistance.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.