Apply on Employer Site

Zoro.com · 2 months ago

Sr. Cloud Security Engineer

Chicago, Illinois, United States

Full-time

Hybrid

Mid, Senior Level

$103K/yr - $171K/yr

5+ years exp

Zoro.com is a leading eCommerce platform offering nearly 12 million tools, parts and supplies for business customers. The Senior Cloud Security Engineer will be responsible for evaluating, implementing, and managing security tools for cloud infrastructure and SaaS applications, while promoting a security-aware culture within the organization.

AutomotiveConstructionE-CommerceFood and BeverageLandscapingLightingMedicalOffice SuppliesPublic SafetySmall and Medium Businesses

H1B Sponsor Likely

Responsibilities

Design highly available, scalable, and resilient security solutions leveraging both cloud-agnostic and cloud-native tools within GCP and AWS

Design and implement container security enhancements

Design, implement and monitor solutions for network and landing zone security, server and container image hardening, identity and access management (IAM), data security, patch management, application security, secrets management

Design and implement automated security processes and controls to increase operational effectiveness and reduce manual processes

Lead collaborative design of solutions to meet remediation requirements from audits, security reviews, vulnerability scans, external regulatory changes, PEN Tests, and PCI changes

Lead automation efforts to minimize manual work, ensure compliance goals, and support continuous delivery frameworks and tools

Own, lead and manage the security vulnerability management program and remediation process across systems and component owners

Assess and implement monitoring tools to support operational and security incident response processes

Strengthen the data security approach by improving the preventative, detective, and corrective solutions

Lead in selecting security vendors and tools and managing vendor relationships

Research, analyze and assess threats and risks

Interface with teams to provide high-quality and low-friction security operations services throughout the organization

Serve as the hands-on subject matter expert for security operations

Guide technical teams on architectural, procedural, and security best practices

Communicate security risks and mitigation plans to business partners

Create documentation for security tools and services

Provide feedback on new and existing security policies

Create and maintain security standards, guidelines, and procedures

Stay abreast of security industry standards, technology changes, trends, and best practices

Review and approve security infrastructure change requests

Provide leadership, training, and mentoring to junior team members

Qualification

Cloud Security EngineeringGCPAWSSecurity FrameworksSIEM ToolsWeb Application SecurityNetwork SecurityIdentityAccess ManagementCommunication SkillsProblem SolvingOrganizational SkillsInterpersonal SkillsSelf-Starter

Required

Bachelor's degree in Information Systems or related degree, or equivalent job experience

Possess an ISACA and/or ISC2 certification, such as CISSP, CCSP, or CSX-P

5+ years cloud infrastructure operations or information security risk compliance experience

5+ years of experience in security engineering and operations

Extensive experience with GCP and/or AWS

Experience with SIEM tools

Web application security, browser security models, and application security vulnerabilities such as the OWASP Top Ten

Direct working experience in designing and implementing solutions to enforce security frameworks, controls, and benchmarks such as NIST Cyber Security Framework, CIS CSC, CIS Top 20, and ISO 27001

Strong understanding of network attacks, DDoS, phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies

Excellent organizational, communication, and interpersonal skills

Innovative problem solving, research, and analytical skills

Highly motivated self-starter

Strong sense of ownership and driven to manage tasks to completion

Preferred

Certified Information Systems Security Professional (CISSP)

Google Professional Cloud Security Engineer

Benefits

Medical, dental, vision, and life insurance plans with coverage starting on day one of employment

Maternity support programs, nursing benefits, and up to 14 weeks paid leave for birth parents and up to 4 weeks paid leave for non-birth parents. We also support growing your family through access to adoption assistance program

6 free sessions each year with a licensed therapist and Wellhub portal membership to support your mental and emotional wellbeing

At least 18 paid time off days annually for full-time employees and 6 company holidays per year

6% company contribution to a 401K Retirement Savings Plan each pay period, no employee contribution required

Tuition reimbursement, student loan refinancing and access to financial counseling, education, and tools

Charitable Gift Program - match gift to an eligible educational, cultural, community health, and human service organizations

Employee discounts and admission to various civic and cultural institutions around Chicago

Zoro office perks including coffee bar, beer on tap, unlimited snacks, access to the onsite gym, and incredible city skyline views

Company

Zoro.com

Glassdoor3.2

Tools, Parts, and Supplies for Your Business™ Zoro has the tools, parts, and supplies your business needs to get the job done—all at affordable prices.

Founded in 2010

Buffalo Grove, Illinois, USA

501-1000 employees

http://zoro.com

H1B Sponsorship

Zoro.com has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (11)

2024 (5)

2023 (3)

2022 (6)

2021 (8)

2020 (13)