Walmart

Intrusion Analyst III (US) - Security Operations Center (SOC)

Walmart, Bentonville, Arkansas, United States, 72712

Overview

Intrusion Analyst III (US) - Security Operations Center (SOC). This role leads complex intrusion investigations, enhances detection and response capabilities, and ensures incidents are managed efficiently and in alignment with company standards and industry frameworks. Partners across cybersecurity, infrastructure, and business teams to anticipate, detect, and respond to threats while driving continuous improvement in Walmart’s global security posture.

Base pay range $90,000.00/yr - $180,000.00/yr

Responsibilities

Threat Detection & Monitoring – Monitor network, endpoint, and cloud environments for suspicious or malicious activity using advanced detection and correlation tools, including Google Chronicle and Microsoft Sentinel.
Incident Response – Lead investigations into potential intrusions, coordinate containment and eradication activities, and ensure recovery aligns with NIST incident response framework principles.
Threat Intelligence Integration – Correlate internal alerts with threat intelligence and MITRE ATT&CK classifications to validate and prioritize incidents.
SOAR & Automation – Leverage XSOAR and Google SOAR platforms to automate triage, enrichment, and response workflows for improved SOC efficiency.
AI-Driven Analysis – Utilize AI-based tools such as Google Agentic AI, ChatGPT, Co-pilot, and Gemini to enhance investigation speed, threat hunting, and reporting accuracy.
Forensics & Endpoint Analysis – Use endpoint protection and diagnostic tools such as Microsoft Defender for Endpoint (MDE) and Sysinternals to conduct forensic analysis and validate root causes.
Collaboration & Communication – Partner with internal stakeholders, leadership, and external partners to provide situational awareness and actionable recommendations.
Mentorship & Leadership – Support junior analysts through coaching, technical guidance, and knowledge sharing to build overall SOC capability.

Core Competencies

Intrusion Analysis & Detection – Expert understanding of attack lifecycles, network telemetry, endpoint data, and adversarial tactics mapped to MITRE ATT&CK.
Incident Handling – Proven ability to lead the full incident lifecycle, following NIST best practices from identification through post-incident recovery.
SOAR & Automation Expertise – Ability to design and optimize automated response workflows in XSOAR or Google SOAR to reduce response time and analyst fatigue.
AI and Advanced Analytics – Comfortable integrating AI and machine learning tools into investigative processes to improve detection accuracy and reduce false positives.
Cyber Risk Awareness – Understands the business impact of identified threats and aligns response actions to minimize operational risk.
Continuous Learning & Innovation – Proactively evaluates emerging technologies and integrates them into SOC operations.

Technical Knowledge & Skills

Experience with SIEM platforms such as Google Chronicle and Microsoft Sentinel for event correlation and detection engineering.
Strong knowledge of SOAR technologies (XSOAR, Google SOAR) for orchestration and response automation.
Familiarity with endpoint detection and response (EDR) tools such as MDE and Sysinternals.
Working knowledge of AI-powered analysis and automation tools including Google Agentic AI, ChatGPT, Co-pilot, and Gemini.
Understanding of key cybersecurity frameworks and standards: NIST Incident Response Framework, MITRE ATT&CK, and ISO 27001.
Experience conducting forensic analysis, log correlation, and root cause investigations.
Strong communication skills to convey findings to technical and non-technical audiences.

Minimum Qualifications

Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
5+ years of experience in SOC operations, intrusion detection, or incident response.
Demonstrated experience leading complex investigations and coordinating cross-functional response efforts.

Preferred Qualifications

Advanced certifications: GCIA, GCIH, Security+.
Experience developing detection rules, playbooks, and automation workflows.
Hands-on experience with cloud-native security tooling and hybrid SOC environments.

Leadership Expectations

Respect the Individual – Build inclusive, trusting relationships; recognize team contributions; foster an environment where associates thrive and perform at their best.
Act with Integrity – Model ethical conduct, transparency, and accountability in every action; ensure compliance with cybersecurity and data privacy standards.
Serve Our Customers and Members – Protect customer and member trust by delivering secure, resilient technology solutions that enable business success.
Strive for Excellence – Demonstrate curiosity, adaptability, and a growth mindset. Encourage innovation, learning, and continuous improvement across SOC operations.

Impact of Role

The Intrusion Analyst III ensures Walmart’s systems remain secure, resilient, and prepared to face evolving cyber threats. Through technical expertise, automation, and leadership, this role enhances Walmart’s global defense capabilities—protecting associates, customers, and members worldwide.