Back to jobs
Job Description
Best Buy is an ideal place to pursue an interest in Information Security because it combines industry leadership with a strong commitment to innovation and security. As the world’s leading consumer electronics retailer, generating over $40 billion in annual revenue, Best Buy continues to grow while investing heavily in future-focused expansion and technological advancement. Alongside enhancing customer-facing applications, the company is building world-class security tools and methodologies to protect customer data. By joining Best Buy’s Information Security Team as an Incident Response Specialist, you become part of a dynamic, forward-thinking group of experts dedicated to detecting and disrupting threat actors through advanced data analysis, threat intelligence, and cutting-edge technologies. In this role, you will contribute on the front lines of security, strengthening detection and response capabilities while continuously improving the company’s overall security posture and resilience.
This role is hybrid, which means you will work some days at our corporate office in Richfield, Minnesota, and some days virtually from home or another non-Best Buy location. The specific work arrangements vary by role and team. The recruiter or hiring manager will provide more details during the hiring process.
What you’ll do
We’re committed to helping our people thrive at work and at home. We offer generous benefits that address your total well-being and provide support as you need it, especially key moments in your life.
Our benefits include:
Certain roles, where market norms demand it, are eligible for various forms of incentive pay to drive performance and offer recognition for achieving financial and strategic results. For more information about our incentive pay plans, including eligibility, please refer to our Incentive Programs Summary.
For more information about benefits, LOA and paid time off, please refer to our Benefits Guide.
About us
As part of the Best Buy team, you’ll help us fulfill our purpose to enrich lives through technology. We bring that to life every day by humanizing and personalizing tech solutions for every stage of life — in our stores, online and in customers’ homes.
Our culture is built on deeply supporting and valuing our amazing employees who make it all possible. We’re committed to being a great place to work, where you can unlock unique career possibilities. Above all, we aim to provide a place where you can bring your full, authentic self to work now and into the future. Tomorrow works here.™
Best Buy is an equal opportunity employer.
This role is hybrid, which means you will work some days at our corporate office in Richfield, Minnesota, and some days virtually from home or another non-Best Buy location. The specific work arrangements vary by role and team. The recruiter or hiring manager will provide more details during the hiring process.
What you’ll do
- Respond to cybersecurity incidents by collecting and analyzing digital evidence
- Develop and present forensic findings to stakeholders
- Perform data analytics to identify and validate potential security threats
- Apply knowledge of various technologies to assess evidence for relevance and forensic value
- Conduct network forensic investigations, including packet analysis
- Analyze malware to understand functionality and identify indicators of compromise (IOCs)
- Participate in proof-of-concept testing for new cybersecurity tools
- Prepare detailed, formal written reports suitable for legal or compliance purposes
- Support incident response activities with post-mortem briefings, analysis, and reporting
- 5 or more years of experience in Digital Forensic Incident Response in a large-scale enterprise environment.
- 5 or more years of experience performing forensic analysis on volatile host data.
- 5 or more years of experience performing network log and traffic analysis.
- Experience communicating with non-technical and technical stakeholders.
- Strong case management and documentation skills.
- Strong analytical and problem-solving skills under pressure.
- Bachelor's degree in Cybersecurity or related discipline.
- Relevant cybersecurity certifications (GIAC, EC-Council, Offensive Security, etc.).
- Previous experience working in cloud environments in a Cybersecurity capacity.
- Experience authoring detection signatures.
- 2 or more years of recent experience conducting dynamic and static malware analysis.
- Understanding and utilization of KQL.
- Understanding of regular expression and at least one common scripting language (PERL, Python, PowerShell, ETC).
We’re committed to helping our people thrive at work and at home. We offer generous benefits that address your total well-being and provide support as you need it, especially key moments in your life.
Our benefits include:
- Competitive pay
- Generous employee discount
- Physical and mental well-being support
Certain roles, where market norms demand it, are eligible for various forms of incentive pay to drive performance and offer recognition for achieving financial and strategic results. For more information about our incentive pay plans, including eligibility, please refer to our Incentive Programs Summary.
For more information about benefits, LOA and paid time off, please refer to our Benefits Guide.
About us
As part of the Best Buy team, you’ll help us fulfill our purpose to enrich lives through technology. We bring that to life every day by humanizing and personalizing tech solutions for every stage of life — in our stores, online and in customers’ homes.
Our culture is built on deeply supporting and valuing our amazing employees who make it all possible. We’re committed to being a great place to work, where you can unlock unique career possibilities. Above all, we aim to provide a place where you can bring your full, authentic self to work now and into the future. Tomorrow works here.™
Best Buy is an equal opportunity employer.