Intrusion Analyst III (US) - Security Operations Center (SOC)

About The Position

Requirements

• Expert understanding of attack lifecycles, network telemetry, endpoint data, and adversarial tactics mapped to MITRE ATT&CK.
• Proven ability to lead the full incident lifecycle, following NIST best practices from identification through post-incident recovery.
• Ability to design and optimize automated response workflows in XSOAR or Google SOAR to reduce response time and analyst fatigue.
• Comfortable integrating AI and machine learning tools into investigative processes to improve detection accuracy and reduce false positives.
• Understands the business impact of identified threats and aligns response actions to minimize operational risk.
• Proactively evaluates emerging technologies and integrates them into SOC operations.
• Experience with SIEM platforms such as Google Chronicle and Microsoft Sentinel for event correlation and detection engineering.
• Strong knowledge of SOAR technologies (XSOAR, Google SOAR) for orchestration and response automation.
• Familiarity with endpoint detection and response (EDR) tools such as MDE and Sysinternals.
• Working knowledge of AI-powered analysis and automation tools including Google Agentic AI, ChatGPT, Co-pilot, and Gemini.
• Understanding of key cybersecurity frameworks and standards: NIST Incident Response Framework, MITRE ATT&CK, and ISO 27001.
• Experience conducting forensic analysis, log correlation, and root cause investigations.
• Strong communication skills to convey findings to technical and non-technical audiences.
• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
• 5+ years of experience in SOC operations, intrusion detection, or incident response.
• Demonstrated experience leading complex investigations and coordinating cross-functional response efforts.
• Option 1: Bachelor's degree in computer science, information technology, engineering, information systems, cybersecurity or related area and 2years' experience in intrusion analysis or related area at a technology, retail, or data-driven company.
• Option 2: 4 years' experience in intrusion analysis or related area at a technology, retail, or data-driven company.

Nice To Haves

• Advanced certifications: GCIA, GCIH, Security+.
• Experience developing detection rules, playbooks, and automation workflows.
• Hands-on experience with cloud-native security tooling and hybrid SOC environments.
• Certification in Security+, Network+, GISF, CISA ,CISSP, CCSP, or GCIH
• Master's degree in Computer Science, Information Technology, Engineering, Information Systems, Cybersecurity, or related area
• We value candidates with a background in creating inclusive digital experiences, demonstrating knowledge in implementing Web Content Accessibility Guidelines (WCAG) 2.2 AA standards, assistive technologies, and integrating digital accessibility seamlessly. The ideal candidate would have knowledge of accessibility best practices and join us as we continue to create accessible products and services following Walmart's accessibility standards and guidelines for supporting an inclusive culture.

Responsibilities

• Threat Detection & Monitoring - Monitor network, endpoint, and cloud environments for suspicious or malicious activity using advanced detection and correlation tools, including Google Chronicle and Microsoft Sentinel.
• Incident Response - Lead investigations into potential intrusions, coordinate containment and eradication activities, and ensure recovery aligns with NIST incident response framework principles.
• Threat Intelligence Integration - Correlate internal alerts with threat intelligence and MITRE ATT&CK classifications to validate and prioritize incidents.
• SOAR & Automation - Leverage XSOAR and Google SOAR platforms to automate triage, enrichment, and response workflows for improved SOC efficiency.
• AI-Driven Analysis - Utilize AI-based tools such as Google Agentic AI, ChatGPT, Co-pilot, and Gemini to enhance investigation speed, threat hunting, and reporting accuracy.
• Forensics & Endpoint Analysis - Use endpoint protection and diagnostic tools such as Microsoft Defender for Endpoint (MDE) and Sysinternals to conduct forensic analysis and validate root causes.
• Collaboration & Communication - Partner with internal stakeholders, leadership, and external partners to provide situational awareness and actionable recommendations.
• Mentorship & Leadership - Support junior analysts through coaching, technical guidance, and knowledge sharing to build overall SOC capability.

Benefits

• At Walmart, we offer competitive pay as well as performance-based bonus awards and other great benefits for a happier mind, body, and wallet.
• Health benefits include medical, vision and dental coverage.
• Financial benefits include 401(k), stock purchase and company-paid life insurance.
• Paid time off benefits include PTO (including sick leave), parental leave, family care leave, bereavement, jury duty, and voting.
• Other benefits include short-term and long-term disability, company discounts, Military Leave Pay, adoption and surrogacy expense reimbursement, and more.
• You will also receive PTO and/or PPTO that can be used for vacation, sick leave, holidays, or other purposes.
• The amount you receive depends on your job classification and length of employment.
• It will meet or exceed the requirements of paid sick leave laws, where applicable.
• Live Better U is a Walmart-paid education benefit program for full-time and part-time associates in Walmart and Sam's Club facilities.
• Programs range from high school completion to bachelor's degrees, including English Language Learning and short-form certificates.
• Tuition, books, and fees are completely paid for by Walmart.
• Eligibility requirements apply to some benefits and may depend on your job classification and length of employment.
• Benefits are subject to change and may be subject to a specific plan or program terms.
• Additional compensation includes annual or quarterly performance bonuses.
• Stock