Position Purpose:
The Home Depot is seeking Cybersecurity Analysts to join the Cloud Security Operations Team. On a day-to-day basis you will be responsible for supporting performing vulnerability assessment and remediation activities and serve as a technical resource on various IT projects. We are looking for someone who is self-motivated, resourceful, and works well in a team environment. It is important that you have a growth mindset. The tactics, techniques, and procedures used by adversaries continues to evolve, so it’s important that learning and advancement be a priority.
The Cloud Security Analyst is an information security professional that leads evaluating, developing, and implementing security tools, standards, procedures, and guidelines for multiple platforms in private and commercial cloud environments as needed. This position will have a focus on cloud and application security and will utilize a wide area of expertise in access control management, cybersecurity, vulnerability management, risk management, incident management, security frameworks and other areas to provide security support for the business. In addition, they will also maintaining day-to-day operations of multiple security platforms and tools while working to continuously strengthen the security posture of the business.
As a primary technical point of contact for the Cloud Security Operations services, the Analyst must be adept at building relationships with partner teams, business communication, and possess strong interpersonal skills.
Develops security auditing program and assists in identifying and mitigating security vulnerabilities with cloud services.
Develops mitigation strategies in response to identified risks from internal/external audits and security assessments.
Coordinates with Cybersecurity Operations Center to effectively monitor cloud services and support security incidents.
Uses knowledge of Cloud environment to scope the extent and impact of any vulnerability, attack or breach.
A mindset of continuous growth, curiosity, and asking WHY?
Skills and Responsibilities
Proficiency in working as part of a collaborative, cross-functional, modern engineering team.
Responsible of creating and maintaining documentation for applications, processes, and procedures
A strong understanding of various cloud service delivery models including IaaS, SaaS, and PaaS; automation; containers; virtual compute, storage, and networks; virtual infrastructure management; self-provisioning; and scaling.
Ability to work with application and security teams to promote a secure posture in the cloud.
Experience with evaluating vulnerability and threat information to assess, measure and prioritize mitigations based on risk across different technology platforms including Cloud IaaS, PaaS and SaaS.
Experience with Public Cloud Providers(GCP, AWS, Azure)
Experience with cloud container technologies such as Docker and Kubernetes
Experience in participating in DevSecOps processes and familiarity with programming practices, threat modelling and testing methodologies.
Experience with information technology security audits, risk assessments and findings remediation management
Basic understanding of Cybersecurity Governance patterns: Policy -> Standards -> Control Solutions
Basic Network Security principals - basic segmentation, firewall rules, best practices, limiting administrative ports.
Basic Data Security principals - encryption in flight, encryption at rest, DLP fundamentals
IAM fundamentals - principal of least privilege, authN, authZ, RBAC
Operating System fundamentals - preferably in the Linux space, but deep Windows skills are workable.
Intermediate to Advanced scripting / automation skills.
Knowledge of Agile methodologies and test-driven development
Experience in scripting & programming languages such as Bash, Ansible, Python, Perl, Javascript
Hands-on configuration of CI/CD pipeline security tools for cloud-native deployments
Experience implementing infrastructure-as-code concepts and technologies.
Protecting what matters most to our associates and consumers by securing our sensitive data and critical assets from current and emerging threats. At The Home Depot Cybersecurity consists of Architecture, Governance, Identity & Access Management, Internal Threat Operations, Issue and Compliance Management, Risk Assessment/Advisory, Security Consulting, Security Operations and Strategic Planning. Sr. Analysts perform data gathering, analysis, synthesis and develop solutions to support THD Cybersecurity practices.
Key Responsibilities:
50% Analysis - Synthesize data to develop a solution, communicate the solutions, present the solution to teams/stakeholders
20% Collaborate - Partner cross-functionally to identify trends and resolve issues
20% Drive Execution - Implement solutions to meet customer expectations; Ensure initiative/project goals are met in a timely manner
10% Support and Enable - Mentor junior level Analyst
Direct Manager/Direct Reports:
This Position typically reports to Manager or Sr. Manager
This Position has 0 Direct Reports
Travel Requirements:
Typically requires overnight travel less than 10% of the time.
Physical Requirements:
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.
Working Conditions:
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
Minimum Qualifications:
Must be eighteen years of age or older.
Must be legally permitted to work in the United States.
Preferred Qualifications:
No additional qualifications
Minimum Education:
The knowledge, skills and abilities typically acquired through the completion of a bachelor's degree program or equivalent degree in a field of study related to the job.
Preferred Education:
No additional education
Minimum Years of Work Experience:
5
Preferred Years of Work Experience:
No additional years of experience
Minimum Leadership Experience:
None
Preferred Leadership Experience:
None
Certifications:
None
Competencies:
Action Oriented
Collaborates
Communicates Effectively
Customer Focus
Drives Results