Company Summary

Zoro.com is a leading eCommerce platform offering nearly 12 million tools, parts and supplies for our business customers. Launched in 2011, we brought a B2C-like experience to the B2B industry, and continue to be at the forefront of digital innovation at the intersection of technology and distribution. We have rapidly grown to over $1 billion in annual revenue and we’re just getting started!

Primary Function:

This individual will serve as a thought leader and security expert for Zoro and is responsible for evaluating, implementing, and managing security tools designed to identify, protect, detect, respond, and monitor the cloud infrastructure and SaaS applications Zoro utilizes. They will also assess, recommend, and develop security controls for existing systems and applications operating in our environment. As a Senior Cloud Security Engineer, it will also be their responsibility to help promote positive change and build a security-aware technology culture within the Cloud Operations and surrounding organizations.

Duties and Responsibilities:

Design highly available, scalable, and resilient security solutions leveraging both cloud-agnostic and cloud-native tools within GCP and AWS.
Design and implement container security enhancements.
Design, implement and monitor solutions for network and landing zone security, server and container image hardening, identity and access management (IAM), data security, patch management, application security, secrets management.
Design and implement automated security processes and controls to increase operational effectiveness and reduce manual processes.
Lead collaborative design of solutions to meet remediation requirements from audits, security reviews, vulnerability scans, external regulatory changes, PEN Tests, and PCI changes.
Lead automation efforts to minimize manual work, ensure compliance goals, and support continuous delivery frameworks and tools.
Own, lead and manage the security vulnerability management program and remediation process across systems and component owners.
Assess and implement monitoring tools to support operational and security incident response processes.
Strengthen the data security approach by improving the preventative, detective, and corrective solutions.
Lead in selecting security vendors and tools and managing vendor relationships.
Research, analyze and assess threats and risks.
Interface with teams to provide high-quality and low-friction security operations services throughout the organization.
Serve as the hands-on subject matter expert for security operations.
Guide technical teams on architectural, procedural, and security best practices.
Communicate security risks and mitigation plans to business partners.
Create documentation for security tools and services.
Provide feedback on new and existing security policies.
Create and maintain security standards, guidelines, and procedures.
Stay abreast of security industry standards, technology changes, trends, and best practices.
Review and approve security infrastructure change requests.
Provide leadership, training, and mentoring to junior team members.

Qualifications:

Education:
- Bachelor’s degree in Information Systems or related degree, or equivalent job experience.
- Possess an ISACA and/or ISC2 certification, such as CISSP, CCSP, or CSX-P
Experience:
- 5+ years cloud infrastructure operations or information security risk compliance experience.
- 5+ years of experience in security engineering and operations.
- Extensive experience with GCP and/or AWS.
- Experience with SIEM tools.
- Web application security, browser security models, and application security vulnerabilities such as the OWASP Top Ten.
- Direct working experience in designing and implementing solutions to enforce security frameworks, controls, and benchmarks such as NIST Cyber Security Framework, CIS CSC, CIS Top 20, and ISO 27001.
- Strong understanding of network attacks, DDoS, phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies.
- Excellent organizational, communication, and interpersonal skills.
- Innovative problem solving, research, and analytical skills.
- Highly motivated self-starter.
- Strong sense of ownership and driven to manage tasks to completion.
Preferred:
- Certified Information Systems Security Professional (CISSP).
- Google Professional Cloud Security Engineer.

Total Rewards

Zoro’s total compensation plan includes our Zoro Incentive Plan (ZIP) that is designed to foster and reward our team members for strong performance. Total compensation will be highly competitive.

In addition to competitive compensation, Zoro offers comprehensive benefits and perks including:

Medical, dental, vision, and life insurance plans with coverage starting on day one of employment
Maternity support programs, nursing benefits, and up to 14 weeks paid leave for birth parents and up to 4 weeks paid leave for non-birth parents. We also support growing your family through access to adoption assistance program
6 free sessions each year with a licensed therapist and Wellhub portal membership to support your mental and emotional wellbeing
At least 18 paid time off days annually for full-time employees and 6 company holidays per year
6% company contribution to a 401K Retirement Savings Plan each pay period, no employee contribution required
Tuition reimbursement, student loan refinancing and access to financial counseling, education, and tools
Charitable Gift Program - match gift to an eligible educational, cultural, community health, and human service organizations
Employee discounts and admission to various civic and cultural institutions around Chicago
Zoro office perks including coffee bar, beer on tap, unlimited snacks, access to the onsite gym, and incredible city skyline views

For additional information and details regarding our benefits and our parent company, W. W. Grainger, please click on the link here.

The pay range provided is not a guarantee of compensation. The range listed reflects the expected base pay for this position at the time of posting, based on the role's job grade. Actual compensation may vary depending on factors such as location, relevant experience and individual qualifications.

Illinois

$102,800—$171,300 USD

Our Culture

Zoro was founded in 2011 with a simple idea: make it easy for businesses to get the tools, parts, and supplies they need to keep things running. We've grown by staying curious, moving quickly, and solving everyday challenges in smart, practical ways. Backed by W.W. Grainger and inspired by our endless assortment business model, we’re on a clear path toward our next big milestone: $2 billion in revenue—and beyond.

At Zoro, we don’t just follow a playbook—we help build it. You’ll get to work on real problems with a supportive team that shares ideas freely, learns from each other, and celebrates wins together. Our culture is grounded in values that guide how we show up every day: Winning & Learning Together, Being Customer Obsessed, Being Transparent, and Taking Ownership. We don’t have all the answers, but we’re always asking good questions.

Zoro’s culture has been recognized by Fortune, Best Places to Work, and Built In Chicago—but the recognition we care about most comes from our team members, who make this place what it is.

We also know that flexibility matters. Our hybrid work model gives you space to focus and the flexibility to live your life — asking team members to be onsite at least two days a week. Our Chicago HQ (right above Ogilvie Transportation Center in the Accenture Tower) is always open and ready for connection, collaboration, or just a good cup of coffee.

At Zoro, we’re growing fast toward big aspirations — and we’re continuously excited about the new challenges we get to solve together.

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex (including pregnancy), national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, protected veteran status, or any other protected characteristic under federal, state, or local law. We are proud to be an equal opportunity workplace. We are also committed to fostering an inclusive, accessible work environment that includes both providing reasonable accommodations to individuals with disabilities during the application and hiring process as well as throughout the course of one’s employment. Should you need a reasonable accommodation during the application and selection process, including, but not limited to use of our website, any part of the application, interview, or hiring process, please advise us so that we can provide appropriate assistance.

Sr. Cloud Security Engineer

Related Jobs

Program Manager (Deputy Garrison Commander)

SUPV HR SPEC (MILITARY) (TITLE 32)

Program Manager (Deputy Garrison Commander)

SUPERVISORY GENERAL ENGINEER

FACILITY MANAGER

CBP OFFICER (CONTAINER SECURITY-TEAM LEAD)