Info Security Analyst III

Lowe's Inc.
Mooresville, NC

Essential Responsibilities:

  • Research and assess the security capabilities and functionality of new or existing allied and cloud security platforms, and perform gap and/or integration analysis as needed
  • Recommend specific tools and processes to maximize monitoring and response capability
  • Support logging and collection of security event data and transmission to technology components for security incident analysis
  • Manage the day-to-day monitoring and incident response function for allied and cloud environments
  • Work with SOC Tier III analysts to develop and test monitoring and alerting use cases and maintain documentation
  • Support the development of on-premises allied and cloud-based security alerts based on both OEM and in-house developed detection logic
  • Assist with the configuration of SIEM tools to analyze security event data, detect suspicious activity, and alert on potential security incidents
  • Use native cloud platform security tools and management consoles
  • Escalate cyber security events according to Lowe’s Incident Response Plan, as needed
  • Collaborate with technical teams to identify, resolve, and mitigate events
  • Collaborate with technical, project and other stakeholder teams as needed to onboard new allied business into the SOC’s shared service model
  • Develop products and reports that can be sent for awareness to various groups and levels of leadership
  • Regularly work to reduce the attack surface of the organization by assessing risks, threats and vulnerabilities and implementing solutions or countermeasures
  • Maintain an awareness of information security news and trends

Functional Competencies:

  • Working knowledge of Splunk, and knowledge of syslog and Windows/Azure/O365/GCP event log formats
  • Working knowledge of Microsoft cloud platforms, to include knowledge of all feature sets applicable to security event detection and monitoring. Understanding of security log/event import/export capabilities, i.e. push or pull to SIEM
  • Working knowledge of Google cloud platforms, to include knowledge of all feature sets applicable to security event detection and monitoring. Understanding of security log/event import/export capabilities, i.e. push or pull to SIEM
  • Intermediate understanding of Windows and Unix security: OS lockdown; logging and monitoring; application security; user access
  • Intermediate knowledge of perimeter protection principles: understanding the rules of network communication
  • Advanced understanding of incident response activities: detecting, analyzing, and responding to various types of malicious activity
  • Intermediate to advanced knowledge of SOC runbooks, SOPs and knowledge management functions
  • Basic to intermediate knowledge of Security Orchestration, Automation and Response platforms

About Lowe’s:
Lowe’s Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 18 million customers a week in the United States and Canada. With fiscal year 2019 sales of $72.1 billion, Lowe’s and its related businesses operate or service more than 2,200 home improvement and hardware stores and employ approximately 300,000 associates. Based in Mooresville, N.C., Lowe’s supports its hometown Charlotte region and all communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit Lowes.com.

About Lowe’s in the Community:
As a FORTUNE® 50 home improvement company, Lowe’s is committed to creating safe, affordable housing and helping to develop the next generation of skilled trade experts through nonprofit partnerships. Across every community we serve, Lowe’s associates donate their time and expertise through the Lowe’s Heroes volunteer program. For the latest news, visit Newsroom.Lowes.com or follow @LowesMedia on Twitter.


Lowe’s is an equal opportunity affirmative action employer and administers all personnel practices without regard to race, color, religion, sex, age, national origin, disability, sexual orientation, gender identity or expression, marital status, veteran status, genetics or any other category protected under applicable law.
