The Home DepotRemote
Cybersecurity Engineer II, Product Security (REMOTE)
United States of America
Full Time
2 hours ago
No H1B
Key skills
SaaSCI/CDLeadershipCommunicationCollaboration
About this role
The Home Depot is seeking a Cybersecurity Engineer II to serve as a dedicated security partner for a specific business portfolio. In this role, you will build a "Secure Flow" to integrate security into the developer workflow and establish a scalable operating model to ensure applications are visible, assessed, and secured.
Responsibilities:
- Collaborate with Enterprise Technology to configure and integrate cybersecurity systems that mitigate risk
- Troubleshoot and quickly resolve escalated incidents
- Design, build, configure, maintain, monitor cybersecurity threat defense capabilities and user access management
- Coordinate integration and collaboration with managed security providers
- Investigate and recommend corrective actions related to incidents
Requirements:
- Must be eighteen years of age or older
- Must be legally permitted to work in the United States
- 3–5 years of experience in Product Security, Application Security (AppSec), or DevSecOps
- Hands-on experience integrating and managing security scanning tools such as SAST, DAST, and secret scanning within CI/CD pipelines and source code repositories
- Experience conducting threat modeling for applications and identifying design-level security risks
- Ability to interpret security tool findings and partner with engineering teams to remediate Critical and High-risk vulnerabilities
- Strong communication skills with the ability to clearly explain technical security risks to non-security stakeholders
- Experience with SaaS Security Posture Management (SSPM) tools and validating security coverage across a SaaS application portfolio
- Proficiency with formal threat modeling methodologies such as STRIDE, PASTA, or similar frameworks
- Experience working closely with architects and engineering leaders to influence secure design decisions early in the development lifecycle
- Demonstrated ability to build trusted relationships with engineering and product stakeholders and promote a 'Secure from Start' mindset
- Experience maintaining security metrics or scorecards and presenting security posture and remediation progress to leadership or portfolio stakeholders
- Strong ability to position security as an enabler of developer velocity and business outcomes, not just risk reduction