Contractors’ Warehouse —
Senior Cybersecurity Analyst – Cyber Threat Intel (Remote)

The Home Depot’s Cyber Threat Intelligence team is looking for a seasoned cyber defender, who has the experience and skills to think like an attacker, and use lessons learned to improve the defense of the organization. This role will involve thinking outside of the box to identify threats that could potentially impact one of the largest retailers in North America. Expertise in threat modeling, and an understanding of how security and privacy controls affect the wider organization are key to the role. Real World experience using the MITRE ATT&CK framework is a big plus. This role will support Actor Emulation and Threat Modeling activities within the Cyber Threat Intelligence team.  

Role Description: Security Operations – Senior Cybersecurity Analyst: 

• Ability to compose well written reports and documentation that may be distributed to large parts of the organization and senior leadership. 

• Technical understanding of the MITRE ATT&CK Framework. 

• Familiarity with project planning and process design. 

• Hands on experience with MITRE ATT&CK Threat Modeling. 

• Experience and knowledge in Indicator of Compromise (IoC) and Indicator of Attack (IoA) threat hunting. 

• Has a growth mindset, and is interested in learning the basic tools and processes that The Home Depot Cybersecurity department has invested in. This includes willingness to learn defensive mitigations such as Sigma and Yara rules 

• Familiarity with intelligence writing and structured analytic techniques such as analysis of competing hypotheses, "Devil's Advocate", and others. 

• The ability to research and produce large amounts of technical and non-technical data into written and actionable reporting. 

• A very solid understanding of the modern attack chain and working collaboration with Purple Teams. 

• Cyber Threat Intelligence experience such as familiarity with security researchers, vendors, and open source reporting.  

• Familiar with researching cyber adversary TTPs, IOCs, malware and infrastructure 

• Familiarity with common threat intelligence subscriptions such as Domain Tools, and Virus Total, Shodan. 

• Familiarity with industry standard frameworks such as MITRE ATT&CK, Cyber Kill-chain, NIST SP-800-53, and D3FEND. 

Must Haves: 

• Experience with OSINT research on Threat Actors/Emerging Threats/APT’s 

• Previous cybersecurity experience 

• Experience using industry standard frameworks such as Cyber Kill-chain, NIST SP-800-53, D3FEND, and the MITRE ATT&CK Framework 

• Previous technical reporting experience 

• Familiarity working within or with Security Operation Teams 

• Collaborative Mindset 

• Curious and Open Minded 

• Understanding of cyber adversary TTPs 

Nice to Have’s 

• Bachelor’s or Master’s Degree in Cybersecurity (or related field) 

• Retail Business understanding 

• Industry standard certifications such CISSP, CISA, CISM, GCTI, GOSI 

• Familiarity with CREST, NIST, ISO 

• Experience with RecordedFuture, Greynoise, Shodan, Netcraft 

• Experience creating attack paths with OSINT