Lead Analyst, Information Security

Starting rate of pay may vary based on factors including, but not limited to, position offered, location, education, training, and/or experience. For information regarding our benefit programs and eligibility, please visit /us/en/benefits .Job SummaryThe primary purpose of this role is to lead the development and ongoing delivery of information security tools and processes. This includes responsibility for creating, executing and improving processes and procedures while also providing thought leadership and guidance to the rest of the team.This role addresses complex and interdependent issues that span technologies, business units and services, and drives continuous enhancement to tools and processes.The individual in this role has an expert understanding of all tools and processes supported by the team, including the various integration points with other parts of Technology. He/she works with a high level of independence and autonomy and provides regular coaching and direction to more junior level associates on the team.With a focus on Cloud Security , this role supports the security architecture across all three major public cloud providers (Google, Azure, and AWS) as well as our hybrid data centers. This position will support a risk based design approach to apply the necessary controls across SaaS, PaaS, IaaS, and 3rd party tools to deliver a secured solution architecture.QualificationsMinimum Qualifications Bachelor''s Degree in Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field (or equivalent work or military experience in a related field) 6 years of experience in information security Advanced understanding of fundamental security and network concepts (Windows and Unix security: OS lockdown; logging and monitoring; application security; user access; perimeter protection principles, network communication rules; intrusion detection and analysis methods; etc.)Preferred Qualifications IT experience in the retail industry Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen)Identity & Access Management Experience with IAM technology implementation and operations (e.g., CA, Sailpoint, OKTA, SSO, MFA, IGA, Microsoft AD) (specific to Identity & Access Management role) Experience with process management methodologies such as Six Sigma or ITIL Delivery methodologies (Agile, Scrum, SAFe) (specific to Identity & Access Management role) 5 years of experience with IAM technologies and vendor platforms such as CA, Sailpoint, OKTA, SSO, MFA, IGA, Microsoft Azure AD and O365, Google Cloud (specific to Identity & Access Management role)Security Operations Center (SOC) Willing to work in a team-oriented 24/7 SOC environment; flexibility to work on a rotating schedule (including occasional shift work) (specific to Security Operations Center role) Intermediate knowledge of Microsoft and Google cloud platforms, to include knowledge of all feature sets applicable to security event detection and monitoring (specific to Security Operations Center role) Advanced understanding of incident response activities: detecting, analyzing, and responding to various types of malicious activity (specific to Security Operations Center role) Intermediate knowledge of SOC runbooks, SOPs and knowledge management function (specific to Security Operations Center role) Intermediate knowledge of threat intelligence, threat hunting, attack surface management and investigations support functions (specific to Security Operations Center role) Intermediate knowledge of Splunk, and knowledge of syslog and Windows/Azure/O365/GCP event log formats (specific to Security Operations Center role) Intermediate knowledge of Security Orchestration, Automation and Response platforms (specific to Security Operations Center role) Basic knowledge of Microsoft and Google cloud platforms, to include knowledge of all feature sets applicable to security event detection and monitoring (specific to Security Operations Center role) Previous experience working in a Security Operations Center (SOC) environment (specific to Security Operations Center role) Advanced malware reverse engineering skills (specific to Security Operations Center role) Previous team lead experience (specific to Security Operations Center role) Experience with log aggregation and security event generation activities (specific to Security Operations Center role) Previous experience with SOC automation (specific to Security Operations Center role) Advanced digital forensics capabilities (specific to Security Operations Center role)Security Threat & Vulnerability Advanced knowledge of threat intelligence, threat hunting, attack surface management and investigations support functions (specific to Security Threat & Vulnerability role) Highly experienced in the understanding of the output from cybersecurity scanning technologies to include operating systems, Custom Code, Web-based vulnerability analysis, 3rd party installed and hosted applications, cloud-hosted compute platforms, and microservices (specific to Security Threat & Vulnerability role) Demonstrated understanding of internal security controls, assess risks and identify opportunities for improvement (specific to Security Threat & Vulnerability role) Highly experienced with information security concepts related to Threat and Vulnerability Management, system architecture and Internet technology (specific to Security Threat & Vulnerability role) Expertise in Vulnerabilities (OS, application, custom code, configuration, etc.) and associated risks (specific to Security Threat & Vulnerability role) Knowledge of attack vectors, threat actors, and mitigation techniques (specific to Security Threat & Vulnerability role)Security Governance, Risk & Compliance 3 years of experience developing Cybersecurity or information assurance policies, standards, awareness training, or equivalent issuances (specific to Security Governance, Risk & Compliance role) 3 years of experience conducting assessments or technical reviews to analyze risk (specific to Security Governance, Risk & Compliance role) Experience with information security programs, audits, controls, assessments, risk assessments, or remediation management (specific to Security Governance, Risk & Compliance role) Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen) (specific to Security Governance, Risk & Compliance role) Experience conducting information security risk assessments of vendors and vendor software (specific to Security Governance, Risk & Compliance role)About Lowes:Lowes Companies, Inc. (NYSE: LOW) is a FORTUNE 50 home improvement company serving approximately 20 million customers a week in the United States and Canada. With fiscal year 2020 sales of nearly $90 billion, Lowes and its related businesses operate or service more than 2,200 home improvement and hardware stores and employ over 300,000 associates. Based in Mooresville, N.C., Lowes supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit . EEO Statement Lowes is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law. Pay Range for Colorado: $81,200.00 - $225,000.00 annually Starting rate of pay may vary based on factors including, but not limited to, position offered, location, education, training, and/or experience. For information regarding our benefit programs and eligibility, please visit /us/en/benefits .

Created: 2025-11-15