About Lowes
Lowe s is a FORTUNE 100 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2024 sales of more than $83 billion, Lowe s operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe s supports the communities it serves through programs focused on creating safe, affordable housing, improving community spaces, helping to develop the next generation of skilled trade experts and providing disaster relief to communities in need. For more information, visit Lowes.com.
Lowe s India, the Global Capability Center of Lowe s Companies Inc., is a hub for driving our technology, business, analytics, and shared services strategy. Based in Bengaluru with over 4,500 associates, it powers innovations across omnichannel retail, AI/ML, enterprise architecture, supply chain, and customer experience. From supporting and launching homegrown solutions to fostering innovation through its Catalyze platform, Lowe s India plays a pivotal role in transforming home improvement retail while upholding strong commitment to social impact and sustainability. For more information, visit Lowes India
Your Impact
The primary purpose of this role is to lead the implementation and ongoing delivery of information security tools and processes. This includes responsibility for creating, executing, and improving processes and procedures with limited direct guidance from more senior level security associates. This role solves complex problems while creating and optimizing processes and often takes a lead role in implementing new services and technologies. This role requires a strong understanding of most tools and processes supported by the team, including many of the key integration points with other parts of technology, works mostly independently, and provides coaching and direction to more junior level associates. SOC Senior Analyst, specializing in threat hunting and cyber threat intelligence (CTI). Adept at detecting advanced adversary activity, uncovering stealthy tactics, and transforming raw intelligence into actionable defense strategies. Proficient in SIEM, EDR/XDR, malware analysis, and intelligence frameworks. Recognized for strong analytical skills, incident response leadership, and mentoring junior analysts. What You Will Do
-
Threat Hunting: Hypothesis-driven hunts leveraging MITRE ATT&CK, anomaly detection, and custom detection rules.
-
Threat Intelligence: Collection, analysis, and operationalization of intel; tracking adversary TTPs; producing reports and advisories.
-
Incident Response: Lead triage, containment, and eradication of complex incidents; root cause analysis and documentation.
-
Detection Engineering: Develop Sigma/YARA rules, KQL/SPL queries, and enrichment scripts.
-
Collaboration: Work with Red Team, and intel-sharing communities; mentor junior analysts.
Minimum Qualifications
4 years of experience in information security Bachelors degree in computer science, computer information systems, engineering, business administration, cybersecurity, or related field
Core Responsibilities Threat Hunting: - Conduct hypothesis-driven and intelligence-led threat hunts across enterprise environments.
- Identify hidden adversary tactics, techniques, and procedures (TTPs) leveraging MITRE ATT&CK.
- Develop custom detection use cases, scripts, and queries (e.g., Splunk, Elastic, Sentinel).
Threat Intelligence: - Collect, analyze, and operationalize threat intel from internal and external sources.
- Track adversary groups, campaigns, and emerging malware families.
- Enrich SIEM/SOAR detections with CTI feeds and IOCs.
- Produce intel reports and threat advisories for leadership and SOC teams.
SOC Operations & Incident Response:
- Lead triage and investigation of high-severity incidents.
- Coordinate with IR teams to contain and eradicate advanced threats.
- Perform root cause analysis and document lessons learned.
- Collaboration & Mentoring:
- Partner with Red Team to enhance detection coverage.
- Mentor junior analysts in hunting techniques, malware basics, and intel tradecraft.
Preventive & Forward-Looking Edge - Build custom threat hunting playbooks to stay ahead of adversaries.
- Integrate AI/ML-assisted detection to reduce false positives.
- Continually map detection coverage against MITRE ATT&CK gaps.
Preferred Skills/Education
-
IT experience in the retail industry
-
SIEM: Splunk, ELK/Elastic, Microsoft Sentinel
-
EDR/XDR: CrowdStrike, Carbon Black, Defender for Endpoint
-
Threat Hunting: YARA rules, Sigma, custom queries (KQL, SPL)
-
CTI Tools: MISP, ThreatConnect, Anomaly, Recorded Future
-
Scripting: Python, PowerShell, Bash (for automation & data enrichment)
-
Networking & Protocols: TCP/IP, HTTP/S, DNS, SMTP, SSL/TLS
-
Malware & Forensics: Static/Dynamic analysis, sandboxing, memory forensics (Volatility, Redline)
-
GIAC Cyber Threat Intelligence (GCTI)
-
SANS Threat Hunting & IR (GCFA / GREM optional for forensics/malware)
-
Certified Threat Intelligence Analyst (CTIA EC-Council)
-
Certified Information Systems Security Professional (CISSP)
-
GIAC Certified Incident Handler (GCIH)
-
Certified Ethical Hacker (CEH)
-
GIAC Penetration Tester Certification (GPEN)
-
Practical Network Penetration Tester (PNPT)
-
eLearnSecurity Certified Professional Penetration Tester (eCPPT)
-
CompTIA Security+ Certification
-
CompTIA PenTest+ Certification
-
Or other relevant information security certifications
