SOC Tier III Cloud, Allied and Forensics Security Engineer
Job ID: 1539344BR
Date posted: 02/11/2019
Location: Mooresville, NC (CSC-Mooresville, 1000 Lowes Boulevard)
Employment Type: Regular, Full-Time
Line of Business: Corporate
Department: 0014 - IT Security TVM
PURPOSE OF ROLE
The SOC Tier III Cloud, Allied and Forensics Security Engineer will serve as a Subject Matter Expert (SME) for the Security Operations Center (SOC) primarily for cloud and allied platform information security, to include assessing platform capabilities, leveraging available security functionality and tools, and supporting efforts to manage monitoring and incident response. This will consist of implementation of Security Information and Event Management (SIEM) logic/rule/alert development for Lowe’s cloud and allied business monitoring and incident response initiatives with a focus on incident forensics and malware reverse engineering.
The incumbent will have shared responsibility for validating that tools and processes are effectively supporting security incident logging and monitoring objectives, and for validating the proper creation of actionable cyber security events and incidents across the Lowe’s cloud and allied business environment.
The SOC Tier III Cloud, Allied and Forensics Security Engineer works among a team of skilled technicians to address complex problems as needed within a 24x7 SOC environment, following processes and procedures identified by SOC Leadership to ensure continuous improvement of monitoring, detection and mitigation capabilities.
- Research and assess the security capabilities and functionality of new or existing cloud platforms, and perform gap and/or integration analysis as needed
- Recommend specific tools and processes to maximize monitoring and response capability
- Support logging and collection of security event data and transmission to technology components for security incident analysis
- Ensure the completeness and accuracy of security event data by ongoing monitoring of log sources
- Work with SOC Tier III analysts to develop and test monitoring and alerting use cases and maintain documentation
- Apply best practices in the development of on-premise and cloud-based security alerts based on both OEM and in-house developed detection logic
- Assist with the configuration of SIEM tools to analyze security event data, detect suspicious activity, and alert on potential security incidents
- Identify decommissioned, irrelevant or obsolete log sources
- Validate logging system field extractions and provide feedback as needed
- Use native cloud platform security tools and management consoles
- Develop log aggregation system alerts and searches across instances, including allied businesses
- Escalate cybersecurity events according to Lowe’s Incident Response Plan, as needed
- Collaborate with technical teams to identify, resolve, and mitigate events
- Serve as SME on incident forensics (host, network and preferably cloud environments) and malware reverse engineering
- Develop products and reports that can be sent for awareness to various groups and levels of leadership
- Bachelor’s Degree in related field and 6 years of experience in Information and Network Security OR 8 years of IT experience to include 2 years of Information and Network Security
- Strong technical, analytical, interpersonal, communication and writing skills
- Strong verbal and written communication skills with the ability to work in a team
- Basic understanding of fundamental security and network concepts (operating systems, intrusion detection, TCP/IP, ports, etc.)
- Willing to work in a team-oriented 24/7 SOC environment; flexibility to work on a rotating schedule (including occasional shift work)
- Knowledge of Splunk, and knowledge of Syslog and Windows/Azure/O365/GCP event log formats
- Knowledge of Microsoft cloud platforms, to include knowledge of all feature sets applicable to security event detection and monitoring, and understanding of security log/event import/export capabilities (push or pull) to SIEM
- Knowledge of Google cloud platforms, to include knowledge of all feature sets applicable to security event detection and monitoring
- Understanding of security log/event import/export capabilities, i.e., push or pull to SIEM
- Advanced understanding of Windows and Unix security: OS lockdown; logging and monitoring; application security; user access
- Knowledge of cloud forensics, auditing, incident investigation, threat hunting, and threat intelligence applications
- Advanced knowledge of host and network forensics, auditing, incident investigation, threat hunting, and threat intelligence applications
- Knowledge of perimeter protection principles: understanding the rules of network communication
- Understanding of intrusion detection and analysis methods
- Understanding of incident response activities: detecting, analyzing, and responding to various types of malicious activity
Lowe’s is an equal opportunity affirmative action employer and administers all personnel practices without regard to race, color, religion, sex, age, national origin, disability, sexual orientation, gender identity or expression, marital status, veteran status, genetics or any other category protected under applicable law.