Contractors’ Warehouse —
Senior Cybersecurity SIEM Engineer (Remote)

Position Purpose:

The Home Depot is seeking a skilled Senior Cybersecurity Engineer with expertise on SIEM platforms such as Cortex XSIAM, Splunk, or similar tools. The ideal candidate will be responsible for maintaining and optimizing SIEM configurations to enhance threat detection and incident response capabilities, developing and fine-tuning detection use cases, and collaborating with SOC to support incident response efforts to protect enterprise assets.

Job Description:

• Maintain day to day operational health monitoring of SIEM infrastructure and data feeds
• Coordinate or perform troubleshooting and break/fix efforts during service downtime
• Collaborate with external teams to onboard new data sources
• Apply event data to existing security use cases and models
• Write custom extractions in RegEx
• Validate appropriate extraction, parsing, and formatting in event data
• Coordinate with technology teams to ensure appropriate log level configurations
• Review and filter events to reduce unnecessary log ingestion
• Conduct research to baseline normal activity and tune out noise from alerting
• Tune security use cases and models to provide high fidelity alerting
• Develop and configure dashboards for monitoring event trends and alerts
• Configure reporting to provide key metrics and trends to leadership
• Collaborate to develop new, custom security use cases, log correlations, and data models
• Collaborate to send alerting to Incident Management and/or SOAR platforms
• Collaborate to integrate automation with the SIEM platform
• Collaborate to ingest and apply enrichment data in the platform
• Review, test, and perform upgrades to SIEM platform
• Maintain updated service documentation
• Create and maintain alert use case documentation
• Provide subject matter expertise for SIEM platform and processes
• Perform other related duties as assigned

Required Skills:

• 3+ years of cyber security work experience
• 1+ years of SIEM specific work experience with platforms such as Cortex XSIAM, Splunk, etc.
• Good understanding of networking infrastructure concepts, technologies, and protocols
• Capable of identifying gaps in logging/monitoring and recommending solutions
• Able to bridge the gap between technical and non-technical constituents
• Solid people, team, and communication skills

Preferred Skills:

• CCSP, SSCP, GCDA, GSEC, or equivalent certifications
• SIEM vendor specific certifications
• Experience with PCI compliant environment
• Incident Response / forensic work experience
• Experience working with cloud-based solutions, such as Azure, GCP
• Experience with Linux/Unix Administration
• Experienced with writing formal reports

Key Responsibilities:

• 100% Deliver Execution, Plans & Align, Problem Solving – Design automation workflows and capabilities in support of data collection, investigation and incident response Develop threat hunting and data analysis strategy and capabilities Identify and propose new technologies, methodologies and/or approaches to detecting malicious activity Utilize indicators to scope and respond proactively to emerging threats Design, build, configure, maintain and monitor cybersecurity threat defense capabilities and user access management

Direct Manager/Direct Reports:

• This Position typically reports to Manager or Sr. Manager
• This Position has 0 Direct Reports

Travel Requirements:

• No travel required.

Physical Requirements:

• Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.

Working Conditions:

• Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.

Minimum Qualifications:

• Must be eighteen years of age or older.
• Must be legally permitted to work in the United States.

Minimum Education:

• The knowledge, skills and abilities typically acquired through the completion of a high school diploma and/or GED.

Preferred Education:

• No additional education

Minimum Years of Work Experience:

• 3+

Competencies:

• Action Oriented
• Collaborates
• Communicates Effectively
• Customer Focus
• Drives Results

Benefits offered include health care benefits, 401K, ESPP, paid time off, and success sharing bonus.  For a full list of the various benefits The Home Depot offers, visit https://careers.homedepot.com/our-benefits.