Your Impact

The primary purpose of this role is to support the design, implementation, and ongoing operations of information security tools and services. This includes translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to help design and implement remediation solutions. 

To be successful, the individual in this role must know security practices and tools related to identity and access management along with enterprise digital certificate management systems. This role helps establish and maintain programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices.

Key Responsibilities

The primary purpose of this role is to support the design, implementation, and ongoing operations of information security tools and services in the Identity and Access Management (IAM) space, specifically around authentication and authorizationResponsible for enterprise-level support, standards, and best practices for identity access management (IAM) and IAM-related services related to access management (Identity Providers, Enterprise Directories, etc.)Able to understand, translate, and implement auth services in accordance with standards (i.e. OAuth, OIDC, SAML 2.0, etc.)Supports the implementation and maintenance of assigned information security solutions to ensure successful deployment and operation; develops and documents detailed standards (e.g., guidelines, processes, procedures)Assists the Information Security team in monitoring security systems, reviewing logs, and managing information security systemsCollaborates with other technology teams including Engineering to design and implement solutionsRemains aware of technological trends and developments in the area of information securityParticipates in continuing education and learning, not only about the software and solutions assigned but also about security and risk management standards and best practicesSolves difficult technical problems; solutions are testable, maintainable, and efficientProvides support in the event of escalated security issues for enterprise systems; helps diagnose, troubleshoot, and resolve issuesSupports the implementation of hardware and software changes into environments to ensure security requirements are metProvides input into security breach response procedures; assists with security breach response activitiesParticipates in break/fix activitiesAnalyzes the output of industry-standard cybersecurity tools and helps identify remediations to reduce risk and exposure of applicationsCompletes basic custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilitiesEvaluate entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilitiesMonitors and analyzes the current state of platforms to ensure performance is within pre-determined thresholds.Collaborates with vendors and other teams in matters of products, troubleshooting, maintenance, and documentation.Possess working knowledge of JSON, REST, and API integrations and security

What You will Do;

Bachelor's Degree in Computer Science, CIS, Engineering, Cybersecurity, or a related field (or equivalent work experience in a related field)2 Years of experience in technology system support, software development, or a related field1 Year of experience with information security applications and systems

Preferred Qualifications

Masters Degree in Computer Science, CIS, Business Administration, or related fieldExperience installing, configuring, and maintaining an authentication tool (i.e; ping identity, ForgeRock, Keycloak).Experience with deploying CI/CD pipelines.1 Year of experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC)2 years of experience analyzing the output of industry-standard cybersecurity tools and identifying remediations to reduce risk and exposure of applicationsRelevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen).Advanced understanding of information security practices and policies2 Years of IT experience developing and implementing business systems within an organization2 years of experience working with defect or incident-tracking software2 Years of experience with technical documentation in a software development environment2 years of experience working with an IT Infrastructure Library (ITIL) framework2 years of experience leading teams, with or without direct reportsExperience with Cloud technologies

Where You’ll Be

Associates are required to relocate to the Charlotte region to foster collaboration and facilitate improved testing and support.Lowe’s supports a Flex Office concept where in-person work is required two days per week at the Charlotte Tech HubMost business meetings are planned around the Eastern time zone.

About Lowe’s

Lowe’s Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2023 sales of more than $86 billion, Lowe’s operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe’s supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit Lowes.com.

Lowe’s is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.