Sr Analyst, Information Security

About Lowe s Lowe s is a FORTUNE 100 home improvement company serving approximately 16 million customer transactions a week in the United States With total fiscal year 2024 sales of more than 83 billion Lowe s operates over 1 700 home improvement stores and employs approximately 300 000 associates Based in Mooresville N C Lowe s supports the communities it serves through programs focused on creating safe affordable housing improving community spaces helping to develop the next generation of skilled trade experts and providing disaster relief to communities in need For more information visit Lowes com Lowe s India the Global Capability Center of Lowe s Companies Inc is a hub for driving our technology business analytics and shared services strategy Based in Bengaluru with over 4 500 associates it powers innovations across omnichannel retail AI ML enterprise architecture supply chain and customer experience From supporting and launching homegrown solutions to fostering innovation through its Catalyze platform Lowe s India plays a pivotal role in transforming home improvement retail while upholding strong commitment to social impact and sustainability For more information visit Your Impact The primary purpose of this role is to lead the implementation and ongoing delivery of information security tools and processes This includes responsibility for creating executing and improving processes and procedures with limited direct guidance from more senior level security associates This role solves complex problems while creating and optimizing processes and often takes a lead role in implementing new services and technologies This role requires a strong understanding of most tools and processes supported by the team including many of the key integration points with other parts of technology works mostly independently and provides coaching and direction to more junior level associates SOC Senior Analyst specializing in threat hunting and cyber threat intelligence CTI Adept at detecting advanced adversary activity uncovering stealthy tactics and transforming raw intelligence into actionable defense strategies Proficient in SIEM EDR XDR malware analysis and intelligence frameworks Recognized for strong analytical skills incident response leadership and mentoring junior analysts What You Will Do Threat Hunting Hypothesis-driven hunts leveraging MITRE ATT CK anomaly detection and custom detection rules Threat Intelligence Collection analysis and operationalization of intel tracking adversary TTPs producing reports and advisories Incident Response Lead triage containment and eradication of complex incidents root cause analysis and documentation Detection Engineering Develop Sigma YARA rules KQL SPL queries and enrichment scripts Collaboration Work with Red Team and intel-sharing communities mentor junior analysts Minimum Qualifications 4 years of experience in information security Bachelor s degree in computer science computer information systems engineering business administration cybersecurity or related field Core Responsibilities Threat Hunting Conduct hypothesis-driven and intelligence-led threat hunts across enterprise environments Identify hidden adversary tactics techniques and procedures TTPs leveraging MITRE ATT CK Develop custom detection use cases scripts and queries e g Splunk Elastic Sentinel Threat Intelligence Collect analyze and operationalize threat intel from internal and external sources Track adversary groups campaigns and emerging malware families Enrich SIEM SOAR detections with CTI feeds and IOCs Produce intel reports and threat advisories for leadership and SOC teams SOC Operations Incident Response Lead triage and investigation of high-severity incidents Coordinate with IR teams to contain and eradicate advanced threats Perform root cause analysis and document lessons learned Collaboration Mentoring Partner with Red Team to enhance detection coverage Mentor junior analysts in hunting techniques malware basics and intel tradecraft Preventive Forward-Looking Edge Build custom threat hunting playbooks to stay ahead of adversaries Integrate AI ML-assisted detection to reduce false positives Continually map detection coverage against MITRE ATT CK gaps Preferred Skills Education IT experience in the retail industry SIEM Splunk ELK Elastic Microsoft Sentinel EDR XDR CrowdStrike Carbon Black Defender for Endpoint Threat Hunting YARA rules Sigma custom queries KQL SPL CTI Tools MISP ThreatConnect Anomaly Recorded Future Scripting Python PowerShell Bash for automation data enrichment Networking Protocols TCP IP HTTP S DNS SMTP SSL TLS Malware Forensics Static Dynamic analysis sandboxing memory forensics Volatility Redline GIAC Cyber Threat Intelligence GCTI SANS Threat Hunting IR GCFA GREM optional for forensics malware Certified Threat Intelligence Analyst CTIA - EC-Council Certified Information Systems Security Professional CISSP GIAC Certified Incident Handler GCIH Certified Ethical Hacker CEH GIAC Penetration Tester Certification GPEN Practical Network Penetration Tester PNPT eLearnSecurity Certified Professional Penetration Tester eCPPT CompTIA Security Certification CompTIA PenTest Certification Or other relevant information security certifications Lowe s is an equal opportunity employer and administers all personnel practices without regard to race color religious creed sex gender age ancestry national origin mental or physical disability or medical condition sexual orientation gender identity or expression marital status military or veteran status genetic information or any other category protected under federal state or local law