The Home Depot is seeking a Senior Cybersecurity Engineer – Non‑Human Identity (NHI) to partner with various teams to design, build, and operate enterprise-scale automation for non-human identities. This role focuses on enhancing cybersecurity measures and automating identity management processes across diverse environments.
Responsibilities:
- Design automation workflows and capabilities in support of data collection, investigation and incident response
- Develop threat hunting and data analysis strategy and capabilities
- Identify and propose new technologies, methodologies and/or approaches to detecting malicious activity
- Utilize indicators to scope and respond proactively to emerging threats
- Design, build, configure, maintain and monitor cybersecurity threat defense capabilities and user access management
- Work with IAM, Architecture, and platform teams to design and operate automated discovery capabilities for NHIs across servers, applications, cloud platforms, and CI/CD pipelines
- Contribute to development of automation and tooling (Python, PowerShell) to discover NHIs across infrastructure and environments; parse configuration files, logs, APIs, and Infrastructure‑as‑Code to identify embedded or hard‑coded credentials; and enrich NHI metadata including ownership, purpose, environment, and lifecycle state
- Partner with engineering teams to automate NHI hygiene activities such as ownership validation, lifecycle tracking, and reporting
- Collaborate with IAM, Architecture, cloud, and ITSM teams to design and integrate NHI lifecycle workflows, including onboarding, access reviews, credential rotation, and decommissioning
- Integrate NHI workflows with enterprise platforms, including IAM and PAM solutions, cloud IAM services, secrets management platforms, and ITSM and workflow tools
- Support enforcement of clear ownership, purpose, and lifecycle accountability for NHIs
- Assist with enterprise access reviews, attestations, and audit evidence generation
- Partner with application, platform, and DevOps teams to analyze authentication flows and refactor legacy patterns toward modern, password‑less NHI designs, including managed identities, OAuth client credentials, and short‑lived tokens
- Provide NHI context to security monitoring and incident response teams to support investigations involving service account misuse, anomalous automation behavior, or credential compromise
- Apply data‑driven techniques such as pattern recognition, baselining, and anomaly indicators to analyze NHI usage trends and detect drift or misuse
- Partner with architecture and platform teams to support onboarding and governance of AI agents as non‑human identities
- Help ensure AI agents have clearly defined ownership, scoped access, and documented lifecycle expectations
- Support certificate‑based NHIs (e.g., TLS, mTLS, client authentication) as part of broader NHI governance
- Integrate NHI discovery and lifecycle workflows with enterprise PKI and certificate management platforms
- Ensure certificates and private keys follow approved standards for issuance, rotation, and expiration, without direct ownership of PKI infrastructure
- Collaborate across security, cloud, and platform engineering teams to align NHI controls with Zero Trust principles and THD security standards
- Produce and maintain technical documentation, runbooks, and onboarding guides, and support audit and compliance activities through NHI evidence and reporting
- Continuously improve the NHI program by identifying automation opportunities, reducing operational toil, and improving accuracy, coverage, and maturity of non‑human identity controls
Requirements:
- Must be eighteen years of age or older
- Must be legally permitted to work in the United States
- The knowledge, skills and abilities typically acquired through the completion of a high school diploma and/or GED
- 3 years of work experience
- No leadership experience