With a career at The Home Depot, you can be yourself and also be part of something bigger.
Position Purpose:
Protecting what matters most to our associates and consumers by securing our sensitive data and critical assets from current and emerging threats. At The Home Depot Cybersecurity consists of Architecture, Governance, Identity & Access Management, Internal Threat Operations, Issue and Compliance Management, Risk Assessment/Advisory, Security Consulting, Security Operations and Strategic Planning.
Staff Analysts perform data gathering, analysis, synthesis and develop solutions to support THD Cybersecurity practices. Staff Analyst mentors and guides Jr Analysts. Lead multiple projects, possess excellent communication skills, work well with a team, interact with multiple levels and functions across the organization
Key Responsibilities:
- 100% Deliver Execution, Plans & Aligns, Develop Others - Oversee multiple projects simultaneously; Strategic partner to align solutions to customers expectations Communicate to various levels of business partners; Collaborate with stakeholders, business partners, colleagues, developers and others to deliver high quality solutions; Partner cross-functionally to define assess, communicate, implement, train and change management of projects; Lead, mentor and provide guidance to team members and partners; Serve as SME and perform research/analysis within assigned projects
Direct Manager/Direct Reports:
- This position typically reports to Manager or Sr. Manager
- This position has 0 Direct Reports
Travel Requirements:
- No travel required.
Physical Requirements:
- Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.
Working Conditions:
- Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
Minimum Qualifications:
- Must be eighteen years of age or older.
- Must be legally permitted to work in the United States.
Cybersecurity & Risk Expertise
- Strong working knowledge of cyber domains like the following,
- Vulnerability management (identification, prioritization, remediation tracking)
- Cloud security concepts across AWS and Azure
- Identity and access management (IAM) fundamentals
- Endpoint, logging/monitoring, and security operations concepts
- Experience managing audit, assurance, or assessment findings end‑to‑end, including:
- Ownership of findings
- Coordination of remediation plans
- Evidence collection and attestation/closure
- Familiarity with risk‑based remediation and translating technical findings into business‑relevant risk statements.
Governance, Frameworks & Assessments
- Experience supporting or contributing to cyber maturity assessments, such as those aligned to:
- NIST CSF
- Similar industry‑recognized frameworks
- Ability to synthesize assessment outputs into clear strengths, gaps, and actionable recommendations.
Stakeholder & Communication Skills
- Demonstrated ability to act as a primary cybersecurity point‑of‑contact for business or technology leaders.
- Strong written and verbal communication skills, with experience:
- Presenting to senior leadership or executives
- Producing executive‑ready reporting (QBRs, dashboards, maturity summaries)
- Proven ability to work across Cyber, Infrastructure, IT, vendors, and business stakeholders to resolve blockers and drive outcomes.
Program & Delivery Skills
- Strong organizational and planning skills, including:
- Managing review calendars and recurring forums
- Coordinating multiple stakeholders across timeframes
- Ability to independently manage workstreams from intake through delivery with minimal oversight.
- Comfortable operating in environments with incomplete information, competing priorities, and evolving risk.
Preferred Qualifications:
Advanced Experience & Exposure
- Experience working in or supporting:
- Large enterprise environments
- Multi‑OU, or high‑growth organizations
- Direct experience supporting M&A cyber due diligence and post‑close integration, including:
- Reviewing third‑party assessments or penetration tests
- Translating diligence findings into execution roadmaps
Tools & Platforms
- Hands‑on familiarity with one or more of the following (or equivalent tools):
- Archer or similar GRC platforms
- Palo XDR, CrowdStrike, Qualys, Wiz, or comparable security tools
- CMDB, vulnerability tracking, or workflow management systems
- Experience validating log source onboarding, detection use cases, and SOC coverage.
Leadership & Mentorship
- Experience informally mentoring or coaching junior analysts or team members.
- Ability to influence without authority and serve as a trusted advisor to OU leadership.
- Experience contributing to standardization, best practices, or playbooks across multiple teams or portfolios.
Minimum Education:
- Bachelor’s degree OR equivalent work experience in Cybersecurity, Information Systems, Computer Science, Engineering, or equivalent practical experience.
Preferred Education:
- No additional education
Minimum Years of Work Experience:
- 8
Preferred Years of Work Experience:
- No additional years of experience
Minimum Leadership Experience:
- None
Preferred Leadership Experience:
- None
Certifications:
- One or more of the following:
- CISSP, CISM, CRISC
- CISA (especially for audit‑heavy candidates)
- AWS/Azure security certifications
- NIST or GRC‑focused credentials
Competencies:
- Action Oriented
- Collaborates
- Drives Engagement
- Communicates Effectively
- Customer Focus
- Drives Results
- Manages Conflict
For California, Colorado, Connecticut, Rhode Island, Nevada, New York City, Ithaca (NY), Westchester County (NY), and Washington residents: