Engineer, Information Security

Lowe's Companies, Inc.•Charlotte, NC

7d•Onsite

About The Position

The primary purpose of this role is to support the design, implementation and ongoing operations of information security tools and services. This includes translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to help design and implement remediation solutions. To be successful, the individual in this role must have knowledge of security practices and tools related to identity and access management along with enterprise digital certificate management systems. This role helps establish and maintain programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices.

Requirements

Bachelor’s degree Computer Science, CIS, Engineering, Cybersecurity, or related field or equivalent years of experience in lieu of education requirement, if applicable
2 Years Experience in technology system support, software development or a related field
1 Year Experience with information security applications and systems

Nice To Haves

Master’s degree Computer Science, CIS, Business Administration, or related field
2 Years Experience analyzing the output of industry standard cybersecurity tools and identifying remediations to reduce risk and exposure of applications
1 Year Experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC)
2 Years IT experience developing and implementing business systems within an organization
2 Years Experience working with defect or incident tracking software
2 Years Experience with technical documentation in a software development environment
2 Years Experience working with an IT Infrastructure Library (ITIL) framework
2 Years Experience leading teams, with or without direct reports
Experience with Cloud technologies
Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen)

Responsibilities

Designs, builds, and maintains advanced cybersecurity platforms utilizing scripting methodologies and occasional custom code development to ensure robust and resilient security infrastructure
Supports the implementation and maintenance of assigned information security solutions to ensure successful deployment and operation; develops and documents detailed standards (e.g., guidelines, processes, procedures)
Assists the Information Security team in monitoring security systems, reviewing logs, and managing information security systems
Participates in regular security vulnerability assessments
Collaborates with other technology teams including Engineering to design and implement remediation solutions
Provides assistance during information security incidents as part of an Incident Response Team
Remains aware of technological trends and developments in the area of information security
Solves difficult technical problems; solutions are testable, maintainable, and efficient
Provides support in the event of escalated security issues for enterprise systems; helps diagnose, troubleshoot, and resolve issues
Supports the implementation of hardware and software changes into environments to ensure security requirements are met
Completes basic custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities
Evaluates entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities