Home Depot cybersecurity team protects massive retail and online operations
Home Depot’s security team spans 10 service areas, remote and onsite, because every card swipe, store pickup and app login runs through the same retail machine.

Home Depot’s online channels drew 3.5 billion-plus users in fiscal 2021, and 55% of online orders were filled through a store. Its cybersecurity team works remote and onsite across 10 service areas. Current openings span engineering and operations, from Cybersecurity Analyst II to Senior Cybersecurity Engineer - CIAM and a Global Security Operations Center operator.
What the team protects
Home Depot is the world’s largest home improvement retailer, with stores in all 50 states, Washington, D.C., Puerto Rico, the U.S. Virgin Islands, Guam, 10 Canadian provinces and Mexico. Its technology organization includes 3,500-plus technologists and 3 Innovation Centers, and the leadership page places Fran Bell over technology, Angie Brown over information technology and cybersecurity, and Jordan Broggi over customer experience and online. The company is also rolling out its generative AI tool Magic Apron.
How the cybersecurity team is organized
The structure is broad enough to cover identity, code, network defense and internal risk without forcing every problem into one SOC queue. Home Depot breaks the work into these service areas:
- Identity & Access Management, which increases the company’s position and technical capabilities against internal threats.
- Architecture, which protects networks, data and sensitive information in all stages of design.
- Security Consulting, which advises the business on the right level of security across the company.
- Risk Assessment & Advisory, which defines and coordinates security policies, standards and risk management activities.
- Issue & Compliance Management, which identifies, analyzes and advises on risks, then measures cybersecurity risk assessments.
- Security & Network Operations, which coordinates cybersecurity program services and subservices across the company.
- Service Optimization, which creates efficiencies through automation, orchestration and data analytics.
- Governance, which defines and coordinates security policy and standards.
- Strategic Planning, which helps maintain compliance and manage issues.
- Internal Threat Operations, which uses technology, processes and procedures to mitigate, deter, detect, analyze and respond to internal cybersecurity incidents.
Home Depot says most of its code is written by its own associates, the company uses agile methodologies, paired programming, balanced teams and a customer-back engineering approach, and its stack includes Java 11, JavaScript, Spring Boot, Node.js, Angular, Azure, React, Python, Kubernetes, Docker, Cassandra, GCP, Golang, PCF, Spinnaker and MongoDB.
What a shift looks like
A Cybersecurity Engineer | Application Security posting lists troubleshooting escalated incidents, investigating corrective actions, collaborating with Enterprise Technology and designing, building, configuring, maintaining and monitoring threat defenses and user access management. The public listing ties the role to Atlanta, shows a $50,000 to $130,000 pay range, lists no travel requirement, and places the work in a comfortable indoor area.
The Global Security Operations Center operator role is scheduled for Saturday and Sunday, 10 p.m. to 6 a.m., and it serves as the first contact for emergencies tied to national crises, executive evacuation, staff evacuation and alarm response. It also monitors national events, weather, news and traffic, then supports investigative teams with data analysis, logistics and report preparation.
How to qualify and move up
Home Depot’s public role descriptions require business knowledge, technical experience and security judgment. Home Depot’s job portal defines remote or virtual roles as not requiring a designated location, hybrid roles as a mix of office and remote days, and onsite roles as tied to a specific location; the current cybersecurity postings include remote engineering roles and a part-time GSOC position in Atlanta.
Current materials highlight health and wellness benefits, legal help, bonuses and tuition reimbursement, while current role postings list paid vacation, sick leave, parental leave, six paid holidays, medical, dental and vision coverage, 401(k) matching, employee stock purchase and profit-sharing bonuses.
Home Depot’s current listings include an analyst, a senior engineer focused on CIAM, a senior manager in offensive security and a non-human identity role, while Amy joined as a Cybersecurity Director in 2021 and leads firewalls, infrastructure projects and network security operations. “At Home Depot, there are so many opportunities to challenge yourself and grow, while working with a world-class Cybersecurity team.”
Why the breach history still shapes the job
In 2014, criminals used a third-party vendor username and password to enter the perimeter of Home Depot’s network. Home Depot later said about 56 million debit and credit card numbers had been stolen. In its SEC filing, the company said it recorded $43 million in pretax breach expenses in the third quarter of fiscal 2014, partially offset by a $15 million insurance receivable, while a U.S. government cyber-awareness case study said the attack resembled the Target breach and noted that two-factor authentication could have added another layer of protection.
This article was produced by Prism’s automated news system from verified source data, official records, and press releases, then run through automated quality and moderation checks before publishing. The system is built and supervised by the people who set the standards it runs under. Read our full AI policy.
Did this article answer your question?


