Analyst, Information Security

The Information Security Analyst position is responsible for detecting and assessing cyber security events and incidents across the Lowe’s environment. The Analyst works among a team of skilled technicians to address complex or difficult problems as needed within a 24x7 Security Operations Center (SOC) environment. The Analyst also is responsible for following processes and procedures as identified by the IRT (Incident Response Team) and SOC Leadership to ensure continuous improvement in monitoring, detection, and mitigation capabilities.

Essential and Core Responsibilities:

• Monitors security incident and event management (SIEM), security orchestration, and automated response (SOAR) and logging environments for security events and alerts to potential (or active) threats, intrusions, and/or compromises.
• Assists with triage of information security service requests from customers and internal teams.
• Escalates cyber security events according to Lowe’s Incident Response Plan
• Assists with containment of threats and remediation of the environment during or after an incident.
• Documents event analysis and writes comprehensive reports of security incident investigations.
• Collaborate with technical teams to identify, resolve, and mitigate information security events.
• Supports SOC Tier III functions such as threat intelligence, threat hunting, attack surface management, and investigations as needed.
• Maintain an awareness of information security news and trends.

Functional Competencies:

• Basic understanding of Windows, Mac, Linux, and Unix security: OS lockdown; logging and monitoring; application security; user access
• Basic knowledge of cloud security issues, constructs, and monitoring.
• Basic knowledge of perimeter protection principles: understanding the rules of network communication.
• Basic knowledge of methods used to secure systems exposed to the internet and common tools to simplify the task.
• Intermediate understanding of intrusion detection and analysis methods
• Intermediate understanding of incident response activities: detecting, analyzing, and responding to various types of malicious activity

Core Competencies

Being Organizationally Savvy – The ability to maneuver well to accomplish work within own function and with strategic business partners. This includes the ability to build and grow a network of partnerships, develop an understanding of formal and informal decision-making processes, and leverage knowledge of functional and cross-functional operations to accomplish work objectives.

Communicating Effectively – The skill to write, present, and listen effectively. This includes adjusting the amount, style, and content of the information to fit the audience. This also includes the ability to convey a compelling message.

Decision Making – The ability to solve tough and complex problems. This includes the ability to effectively glean meaning from available data, be a quick study of the new and different, add personal wisdom and experience to arrive at the best solution given the information available, and use multiple problem-solving tools and techniques.

Demonstrating Personal Flexibility – The ability to demonstrate resourcefulness and resilience in the face of change, obstacles, and adversity. This includes adapting to competing demands and shifting priorities. This also includes improving adaptability, pursuing new skills and knowledge, and regularly seeking feedback from others.

Getting Organized – The ability to be organized, resourceful, and planful. This includes the ability to leverage multiple resources to get things done and layout tasks in sufficient detail. This also includes the ability to get things done with less and in less time, work on multiple tasks at once without losing track, and foresee and plan around obstacles.

Keeping on Point – The ability to prioritize work activities. This includes identifying which tasks are most important, avoiding distractions, and dealing with setbacks in a timely manner.

Managing Diverse Relationships – The ability to relate to a wide variety of people of diverse backgrounds, opinions, and experiences. This includes being open to differences, quickly finding common ground, and being respectful of others.

Understanding the Business – Knowledge of the business and the mission-critical technical and functional skills needed to do his/her job. This includes knowledge of various types of business propositions, how businesses operate in general, and easily learning new methods and technologies.

Relating Skills – The ability to relate well to all types of people. This includes being friendly and interpersonally agile. This also includes being easy to approach and talk to, as well as having the ability to make pleasant first impressions and build solid relationships.

Problem Solving:

The primary problem that the Information Security Analyst faces is to review security events from a variety of sources to identify incidents accurately and promptly; effectively contain and recover from incidents identified; and identify the underlying root causes to prevent past events from occurring again.

Qualifications

Required Minimum Qualifications:

• Bachelor’s Degree in a related field and 2 years of experience in Information and Network Security or 4 years of IT experience including 2 years of Information and Network Security.
• Strong technical, analytical, interpersonal, communication, and writing skills.
• Strong verbal and written communication skills with ability to work in a team.
• Basic understanding of fundamental security and network concepts (Windows and Unix security: OS lockdown; logging and monitoring; application security; user access; perimeter protection principles, understanding the rules of network communication; intrusion detection and analysis methods; etc.).
• Basic knowledge of cloud security issues, constructs, and monitoring
• Willing to work in a team-oriented 24/7 SOC environment; flexibility to work on a rotating schedule (including occasional shift work).

Preferred Qualifications

• “Retail experience in the Information Technology Industry.
• Two or more IT security certifications.
• Previous experience working in a Security Operations Center (SOC) environment.
• Experience with malware analysis.
• Basic knowledge of Microsoft, AWS, Oracle & Google cloud platforms, including knowledge of all feature sets applicable to security event detection and monitoring.

About US

Lowe’s Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2023 sales of more than $86 billion, Lowe’s operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe’s supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit www.Lowes.com

Lowe’s is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.

Pay Range for CA, CO, HI, NJ, NY, WA: $75,300.00 - $143,100.00 annually Starting rate of pay may vary based on factors including, but not limited to, position offered, location, education, training, and/or experience. For information regarding our benefit programs and eligibility, please visit https://talent.lowes.com/us/en/benefits.