The primary purpose of this role is to lead the implementation and ongoing delivery of information security compliance tools and processes. This includes responsibility for creating, executing, and improving processes and procedures with limited direct guidance from more senior-level security associates. This role solves complex problems while creating and optimizing processes and often takes a lead role in implementing new services and technologies. The individual in this role has a strong understanding of tools and processes supported by the team, including many of the key integration points with other parts of Technology. He/she works mostly independently and occasionally provides coaching and direction to more junior level associates on the team. The goal of the risk management program is to develop and continually enhance procedures to efficiently assess and manage risk and oversee implementation of relevant mitigating controls to enhance the information security posture. We welcome an innovative individual that embraces challenges and offers creative solutions.
Key Responsibilities:
- Document, track and follow-up on security-related issues (e.g. non-compliance with security policies)
- Analyze risk and their potential impact, develop risk mitigation strategies/actions throughout the risk lifecycle.
- Work cross-functionally across the business to identify and remediate gaps reducing security risk exposure
- Participate in advising the business on how to maintain / implement business solutions that keep Lowe’s compliant with security impacting regulations
- Participate in assessments, such as design assessments for security controls, risk assessments and root cause analysis
- Participate in building/maintaining the risk and control library as well as identifying any gaps
- Acts as an advisor and single point of contact to business partner stakeholders and teams advocating security best practices
- Collaborates with subject matter experts, control owners, business stakeholders, and/or other accountable parties to support and advance information security compliance with Lowe’s policies, standards, and regulations
- Works proactively with the Security compliance function regarding key information security risk considerations
- Maintains the control requirements library with Lowe’s GRC tool that addresses regulatory and policy requirements
Minimum Qualifications:
- Bachelor's degree in Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field (or equivalent work or military experience in a related field)
- 4 years of experience in information security
- Intermediate understanding of fundamental security and network concepts (Windows and Unix security: OS lockdown; logging and monitoring; application security; user access; perimeter protection principles, network communication rules; intrusion detection and analysis methods; etc.)
Preferred Qualifications:
- IT experience in the retail industry
- Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen)
About Lowe’s
Lowe's Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 17 million customer transactions a week in the U.S. With total fiscal year 2022 sales of over $97 billion, approximately $92 billion of sales were generated in the U.S., where Lowe's operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe's supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit Lowes.com.
Lowe’s is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.
Pay Range: $92,300.00 - $175,400.00 annually Starting rate of pay may vary based on factors including, but not limited to, position offered, location, education, training, and/or experience. For information regarding our benefit programs and eligibility, please visit https://talent.lowes.com/us/en/benefits.