PURPOSE OF ROLE:
As a leader in information security at Lowe’s you’ll be part of an exciting technology team that’s on the forefront of retail technology change.
The primary purpose of this role is to serve as a senior leader within the Lowe's Information Security team. This individual works closely with the Chief Information Security Officer (CISO), plus IT and business executives, to create and lead security strategies and programs that enable Lowe’s to effectively manage information security risk. This role includes responsibility for information security strategies and programs, policies, third party risk management and the delivery of internal security consultation services to business, IT, and program leadership.
The role operates in a dynamic environment of change. The successful candidate will help lead an information security transformation to support adoption of agile practices, DevSecOps, and cloud computing in an omni-channelretail market leader.
Establishes an Information Security controls framework for Risk and Vulnerability management
Identifies and provides KPIs and metrics for measurement of compliance with Information Security Management
Protects the integrity, confidentiality, and availability of information in the custody of or processed by the company
Develops and manages annual departmental expense and capital budget
Provides technical expertise and guides the administration of security tools that control and monitor information security
Works with IT in the research and evaluation of new or improved security software and devices
Directs the design, test, and recommendation, of new or improved security technologies
Selects, trains, and develops Information Security staff
Oversees the development and implementation of information security projects to ensure strong governance across Information Security at Lowe’s
Develops comprehensive security strategies that support Lowe’s business and IT strategies
Leads the development of security architectures that support business and IT strategies
Develops enterprise wide security and risk management and governance policies, standards and processes
Develops strategies and processes to provide information security consultation to IT and business initiatives and projects
QUALIFICATIONS REQUIRED EDUCATION/EXPERIENCE
Bachelor's Degree in Computer Science, Engineering, or related discipline or equivalent experience in lieu of degree.
8+ years of IT experience with a broad range of exposure to all aspects of business/system planning, analysis, and application development
6+ years of experience with information security concepts and practices with at least two years in a management capacity
Familiarity with multi-platform technology environments and their operational/security considerations
Strong project management skills, with experience in managing resources to meet goals on simultaneous/multiple projects
Demonstrated competency in strategic thinking with strong abilities in relationship management.
Job ID 1362763BR