Do you like finding evil? Are correlated rules second nature to you? Enjoy large datasets? The Home Depot is looking for someone to help its Threat Detection & Response Center perform threat hunting, signal development, and to aid in the incident response process. This is considered a tier 3 role and acts as a final escalation point for critical severity issues. The role also acts as a subject matter expert for all topics related to detection and response.
The constituency is made up of more than 180,000 end points covering 2,300 sites. The network supports over 300,000 users. The group has access to over 400Gbps of network traffic via an impressive tap aggregation network and takes in over 200,000 curated events per second. Additionally, there is also access to operational logging which takes in over 500,000 events per second. The team has lots of flexibility in the tools that are used and open source is preferred.The Staff Systems Engineer develops, maintains, and supports The Home Depot's technical infrastructure that includes network, hardware, database, and system software components. The Staff Systems Engineer is responsible for collaborating with and enabling product teams with infrastructure. Staff Systems Engineers are expected to leverage tooling and custom applications to monitor and optimize performance. Staff Systems Engineers lead the stand up of physical and virtual infrastructure to meet evolving enterprise and product team needs. In addition, Staff Systems Engineers may lead the selection and rollout of field and corporate technology.
As a Staff Systems Engineer, you will be a core player that participates and leads multiple efforts simultaneously. You are expected to build and grow the skillsets of more junior Engineers on the team.
MAJOR TASKS, RESPONSIBILITES AND KEY ACCOUNTABILITIES
20% - Strategy & Planning:
Researches and analyzes business trends and behavioral data to identify opportunities for improvements and new initiatives
Leads the evaluation, development, and recommendation of specific technology products and platforms to provide cost-effective solutions that meet business and technology requirements
Researches and designs best fit infrastructure, network, database, and security architectures for products
Proactively creates and maintains tools for monitoring and support
Participates in project planning and management across multiple efforts
Develops formal training courses
30% - Delivery & Execution:
Leads configuration, debugging, and support for infrastructure
Leads field and corporate roll-outs of technology
Leads the stand up of necessary system software, hardware, and equipment (physical or virtual) to meet changing infrastructure needs
Creates and optimizes specifications for technology solutions
Produces and manages purchase requests for hardware and software
40% - Support & Enablement
NATURE AND SCOPE
Typically reports to the Systems Engineer Manager or Sr. Manager.
ENVIRONMENTAL JOB REQUIREMENTS
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
Typically requires overnight travel less than 10% of the time.
Additional Environmental Job Requirements:
Must be eighteen years of age or older.
Must be legally permitted to work in the United States.
Additional Minimum Qualifications:
Must be legally permitted to work in the United States
The knowledge, skills and abilities typically acquired through the completion of a bachelor's degree program or equivalent degree in a field of study related to the job.
Years of Relevant Work Experience: 3 years
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.
We are looking for someone with the following interests:
- Incident response
- Correlating lots of data
- Network security monitoring
- Endpoint security analysis
- Malware analysis
The ideal candidate has the following skills:
- A very solid understanding of the modern attack chain and offensive security
- A very solid understanding of the protocols and technologies related to enterprise security to include ip, tcp, udp, http, dns, etc
Experience with the following technologies is nice to have:
Scripting ability is nice. We use python, go, and rust.
Professional experience in two of the following areas: Infrastructure Engineering, Network Engineering, Database Engineering, or Security Engineering; familiarity with at least one other, and interest in the growing in the remaining disciplines
Proficiency in working as part of a collaborative, cross-functional, modern engineering team
Proficiency in infrastructure, network, database, or security troubleshooting and remediation; experience with at least one other
Proficiency in installing and upgrading applications or databases and performing system maintenance
Experience with networking, system and hardware design and architecture, DBMS concepts, SQL programming, and client server concepts
Proficiency with debuggers, runtime analysis, library systems, compiled programming, and software update tools
Proficiency in system and environment analysis, design, and optimization
Experience with object oriented programming languages (preferably Java), distributed computing environments, and code reviews
Experience with system security design and management
Experience with disaster recovery planning and engineering
Proficiency in monitoring the operational status and performance of, and configuring as well as tuning, systems, networks, or databases
Proficiency in operating system commands and utilities as well as scripting
Proficiency working with cloud platforms such as GCP and Azure
Proficiency in supporting a 24x7 retail operation
Knowledge, Skills, Abilities and Competencies:
Cultivates Innovation: Creating new and better ways for the organization to be successful
Action Oriented: Taking on new opportunities and tough challenges with a sense of urgency, high energy, and enthusiasm
Business Insight: Applying knowledge of business and the marketplace to advance the organization’s goals
Collaborates: Building partnerships and working collaboratively with others to meet shared objectives
Communicates Effectively: Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences
Drives Results: Consistently achieving results, even under tough circumstances
Global Perspective: Taking a broad view when approaching issues; using a global lens
Interpersonal Savvy: Relating openly and comfortably with diverse groups of people
Manages Ambiguity: Operating effectively, even when things are not certain or the way forward is not clear
Optimizes Work Processes: Knowing the most effective and efficient processes to get things done, with a focus on continuous improvement
Self-Development: Actively seeing new ways to grow and be challenged, using both formal and informal development channels
Situational Adaptability: Adapting approach and demeanor in real time to match the shifting demands of different situations
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.