Lead Engineer, Information Security

Job Summary

The primary purpose of this role is to provide consultation and technical direction to engineers focused on supporting the design, implementation and ongoing operation of Information Security tools and services. This includes providing expert direction for effectively translating business requirements and functional specifications into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes facilitating successful monitoring, testing, and evaluation of security assessments of systems and leading the design and implementation of remediation solutions.

To be successful, the individual in this role must have advanced knowledge of security practices and tools related to identity and access management along with enterprise digital certificate management systems. This role serves as a technical expert for project teams that establish and maintain programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices.

Key Responsibilities

• Drives the strategic design, development, and optimization of advanced cybersecurity platforms, harnessing expert-level scripting methodologies and custom code development to uphold the highest standards of security infrastructure and resilience

• Serves as a technical expert for project teams throughout the implementation and maintenance of assigned Information Security solutions; defines and oversees the documentation of detailed standards (e.g., guidelines, processes, procedures)

• Educates others on current architectural standards and guidelines to drive efficiency in the design and implementation of Information Security solutions

• Resolves complex problems spanning multiple applications to drive overall improvements in security across systems and applications

• Identifies, reports, and leads technical support activities during Information Security incidents as part of an Incident Response Team; reviews and responds to security alerts to investigate malicious activity

• Leads the technical evaluation of new security technologies that address both current and future needs based on emerging threats and industry trends

• Keeps up to date with exploits relevant to the retail sales environment; researches possible preventative measures

• Solves complex cross-functional architecture/design and business problems; solutions are extensible; works to simplify, optimize, remove bottlenecks, etc.

• Mentors and advises others, sharing an in-depth understanding of company and industry methodologies, policies, standards, and controls

• Makes recommendations to Business and Technology leadership to ensure alignment of infrastructure applications and data with current and future security standards

• Responds to escalated security issues for enterprise systems; facilitates advanced diagnosis and troubleshooting when necessary

• Provides input into security breach response procedures; leads security breach response activities

• Leads break/fix activities, escalating problems to senior management and/or vendors as appropriate

• Analyzes the output of industry standard cybersecurity tools and identifies remediations to reduce risk and exposure of applications

• Completes custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities

• Evaluates entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities

• Evaluates complex application and hosting environments to identify potential weaknesses and provide remediation plans to reduce risk

• Designs application pipelines with secure configuration parameters to remove or reduce known threat vectors

Required Qualifications

• Bachelor's Degree in Computer Science, CIS, Engineering, Cybersecurity, or related field (or equivalent work or military experience in a related field)

• AND

• 7 years' Experience in technology system support, software development or a related field

• 5 years Experience with Information Security applications and systems

• 4 years Experience evaluating complex application and hosting environments to identify potential weaknesses and provide remediation plans to reduce risk

• 5 years Experiencing designing complex application and infrastructure systems

Preferred Qualifications

• Master's Degree in Computer Science, CIS, Business Administration or related field

• AND

• 6 years' Experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC)

• 3 years DevOps experience

• 1 year Experience with Cloud technologies

• 4 years Experience designing application pipelines with secure configuration parameters to remove or reduce known threat vectors

• 5 years Experience working with diverse application and infrastructure environments to identify and provide technical guidance on threat reduction at both the application and supporting infrastructure layer

• 6 years IT experience developing and implementing business systems within an organization

• 6 years Experience working with defect or incident tracking software

• 6 years Experience writing technical documentation in a software development environment

• 4 years Experience working with an IT Infrastructure Library (ITIL) framework

• 4 years Experience leading teams, with or without direct reports

• 6 years Experience working with source code control systems

• Experience working with Continuous Integration/ Continuous Deployment tools

• Advanced understanding of Information Security practices and policies

About Lowe’s

Lowe’s Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2023 sales of more than $86 billion, Lowe’s operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe’s supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit Lowes.com.

Lowe’s is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.

Pay Range for CA, CO, HI, NJ, NY, WA: $111,600.00 - $212,000.00 annually Starting rate of pay may vary based on factors including, but not limited to, position offered, location, education, training, and/or experience. For information regarding our benefit programs and eligibility, please visit https://talent.lowes.com/us/en/benefits.