DE Jobs


Job Information

Lowe's Sr Analyst, Information Security in Mooresville, North Carolina

The Senior Information Security Analyst position is responsible for detecting and assessing cyber security events and incidents across the Lowe’s environment. The Senior Analyst works among a team of skilled technicians to address complex or difficult problems as needed within a 24x7 Security Operations Center (SOC) environment. The Senior Analyst is also responsible for implementing new processes and procedures as identified by the IRT (Incident Response Team) and SOC Leadership to ensure continuous improvement to monitoring, detection, and mitigation capabilities.

Essential Responsibilities:

  • Monitors security incident and event management (SIEM), security orchestration and automated response (SOAR), and logging environments for security events and alerts to potential (or active) threats, intrusions, and/or compromises.

  • Assists with triage of information security service requests from customers and internal teams.

  • Escalates cyber security events according to Lowe’s Incident Response Plan.

  • Assists with containment of threats and remediation of the environment during or after an incident.

  • Documents event analysis and writes comprehensive reports of security incident investigations.

  • Collaborates with technical teams to identify, resolve, and mitigate information security events.

  • Assists with security incident response process monitoring and improvement.

  • Supports SOC Tier III functions such as threat intelligence, threat hunting, attack surface management, and investigations as needed.

  • Maintains an awareness of information security news and trends.

Functional Competencies:

  • Intermediate understanding of Windows, Mac, Linux, and Unix security: OS lockdown; logging and monitoring; application security; user access

  • Intermediate knowledge of Microsoft, AWS, Oracle & Google cloud platforms, including knowledge of all feature sets applicable to security event detection and monitoring.

  • Intermediate knowledge of perimeter protection principles: understanding the rules of network communication; understanding traffic flow, packet filtering, proxy firewalls, and network-based intrusion detection

  • Intermediate knowledge of methods used to secure systems exposed to the internet and common tools to simplify the task.

  • Intermediate understanding of intrusion detection and analysis methods

  • Intermediate understanding of incident response activities: detecting, analyzing, and responding to various types of malicious activity

  • Basic knowledge of SOC runbooks, SOPs, and knowledge management functions

Qualifications

Required Minimum Qualifications:

  • Bachelor’s Degree in a related field and 4 years of experience in Information and Network Security or 6 years of IT experience including 2 years of Information and Network Security

  • Strong technical, analytical, interpersonal, communication, and writing skills.

  • Strong verbal and written communication skills with ability to work in a team.

  • Intermediate understanding of fundamental security and network concepts (Windows and Unix security: OS lockdown; logging and monitoring; application security; user access; perimeter protection principles, understanding the rules of network communication; intrusion detection and analysis methods; etc.).

  • Intermediate knowledge of Microsoft & Google cloud platforms, including knowledge of all feature sets applicable to security event detection and monitoring.

  • Intermediate understanding of incident response activities: detecting, analyzing, and responding to various types of malicious activity.

  • Basic knowledge of SOC runbooks, SOPs, and knowledge management functions.

  • Basic knowledge of threat intelligence, threat hunting, attack surface management, and investigations support functions.

  • Willing to work in a team-oriented 24/7 SOC environment; flexibility to work on a rotating schedule (including occasional shift work).

Preferred Qualifications

  • Retail experience in the Information Technology Industry

  • Three or more information security certifications:

  • Previous experience working in a Security Operations Center (SOC) environment.

  • Experience with malware analysis

  • Experience as a team leader or incident coordinator

About Us

Lowe’s Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2023 sales of more than $86 billion, Lowe’s operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe’s supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit www.Lowes.com.

Lowe’s is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.

Pay Range for CA, CO, HI, NJ, NY, WA: $92,300.00 - $175,400.00 annually. Starting rate of pay may vary based on factors including, but not limited to, position offered, location, education, training, and/or experience. For information regarding our benefit programs and eligibility, please visit https://talent.lowes.com/us/en/benefits.
