Cybersecurity Engineer- Application Penetration Testing at The Home Depot in Austin, TX

POSITION PURPOSE

At The Home Depot, our Cybersecurity team plays a pivotal role in creating and implementing solutions to protect our associates, customers, and communities from internal and external security threats.

The Application Security member supports The Home Depot’s security mission by performing internal application security assessments and provide tooling, training, & support for software engineering teams. As a member of the team you are required to have experience and knowledge about secure code practices, SAST, DAST and SCA tool configurations, and be able to prioritize risks.

MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES

10% – Planning & Analysis:

Uses critical thinking to approach problems and create solutions

Collaborates with senior leaders on assignments

30% – Delivery & Execution:

Performs configuration, debugging, and support for infrastructure, network, database, and security solutions

Performs field and corporate roll-outs of technology

Executes basic project planning and reporting

Stands up the necessary system software, hardware, and equipment (physical or virtual) to meet changing infrastructure needs

50% – Support & Enablement:

Collaborates with product and project teams to understand needs and enable them with infrastructure

Leverages tooling and custom applications to monitor the operational status of applications, infrastructure, networks, databases, and security; optimizes and tunes performance as appropriate

Performs root cause analysis, debugging, support, and post-mortem analysis for security incidents and service interruptions

Maintains, upgrades, and supports existing systems and infrastructure to ensure operational stability

Opens and manages vendor problem tickets to resolution

Produces in-house documentation around solutions

Monitors tools and proactively helps teams struggling with systems issues

Provides application support for software running in production

Supports the creation of scripts and tools that that drive automation and enable product teams and end users to move towards self service

10% – Learning:

Keeps abreast of innovations and industry trends as well as changes to internal systems and determines how they impact tools, training, and support necessary to keep systems up, running, and secure

Participates in and contributes to learning activities around modern systems engineering core practices (communities of practice)

Proactively views articles, tutorials, and videos to learn about new technologies and best practices being used within other technology organizations

NATURE AND SCOPE

Typically reports to the Systems Engineer Manager or Sr. Manager.

Environment:

Located in a comfortable indoor area. Any unpleasant condition

Travel:

Typically requires overnight travel less than 10% of the time.

MINIMUM QUALIFICATIONS

Must be eighteen years of age or older.

Must be legally permitted to work in the United States.

Additional Minimum Qualifications:

Must be legally permitted to work in the United States

Education Required:

High School Diploma/GED

Years of Relevant Work Experience: 1+ years

Physical Requirements:

Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.

Preferred Qualifications:

1+ years of experience performing application penetration testing on web applications, mobile, and Stand Alone

Strong knowledge with testing tools such as Burp Suite, ZAP, Fiddler, SQL map, BeEF, etc

Strong experience working with Dev Team to identify the adequate solution for application security findings

Deep understanding about SAST, DAST and SCA tools, preferably Microfocus solutions

Experience analyzing scan results to identify true and false positives

Experience creating and executing test cases for manual testing

Ability to Identify enhancements for tools

Facilitate knowledge sharing within the Team

Knowledge, Skills, Abilities and Competencies:

Collaborates: Building partnerships and working collaboratively with others to meet shared objectives

Communicates Effectively: Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences

Cultivates Innovation: Creating new and better ways for the organization to be successful

Drives Results: Consistently achieving results, even under tough circumstances

Global Perspective: Taking a broad view when approaching issues; using a global lens

Interpersonal Savvy: Relating openly and comfortably with diverse groups of people

Manages Ambiguity: Operating effectively, even when things are not certain or the way forward is not clear

Nimble Learning: Actively learning through experimentation when tackling new projects