Sr Engineer, Information Security

Lowes Companies Inc NYSE LOW is a FORTUNExc2xae 50 home improvement company serving approximately 16 million customer transactions a week in the United States With total fiscal year 2023 sales of more than 86 billion Lowes operates over 1 700 home improvement stores and employs approximately 300 000 associates Based in Bengaluru Lowes India develops innovative technology products and solutions and delivers business capabilities to provide the best omnichannel experience for Lowes customers Lowes India employs over 4 200 associates across technology analytics merchandising supply chain marketing finance and accounting product management and shared services Lowes India actively supports the communities it serves through programs focused on skill-building sustainability and safe homes For more information visit Key Responsibilities Leads the implementation and maintenance of assigned information security solutions to ensure successful deployment and operation develops and documents detailed standards e g guidelines processes procedures Assists the Information Security team in monitoring security systems reviewing logs and managing information security systems Conducts regular security vulnerability assessments and provides exception reporting and remediation plans to leadership Designs and performs internal and external penetration validation testing to ensure that computer systems are up to date relative to all operating systems patches and virus protection software Collaborates with other technology teams including Engineering to design and implement remediation solutions Identifies reports and provides assistance during information security incidents as part of an Incident Response Team reviews and responds to security alerts to investigate malicious activity Supports evaluation of new security technologies that address both current and future needs based on emerging threats and industry trends Keeps up to date with exploits relevant to the retail sales environment Solves complex architecture design and business problems solutions are extensible works to simplify optimize remove bottlenecks etc Provides mentoring and guidance to more junior level engineers may provide feedback and direction on specific engineering tasks Responds to escalated security issues for enterprise systems facilitates advanced diagnosis and troubleshooting when necessary Participates in the implementation of hardware and software changes into environments to ensure security requirements are met Provides input into security breach response procedures helps lead security breach response activities Leads break fix activities escalating problems to senior management and or vendors as appropriate Analyzes the output of industry standard cybersecurity tools and identifies remediations to reduce risk and exposure of applications Completes custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities Evaluates entire applications Container Infrastructure host platform to identify potential threats and vulnerabilities Required Qualifications Bachelors Degree in Computer Science CIS Engineering Cybersecurity or related field or equivalent work experience in a related field 5 Years in experience in technology system support software development or a related field 2 Years in experience with information security applications and systemsPreferred Qualifications 4 Years experience working on project s involving the implementation of solutions applying development life cycles SDLC 1 Year DevOps experience 3 Years of experience evaluating entire applications Container Infrastructure host platform to identify potential threats and vulnerabilities 3 Years of experience in the custom enhancement or development of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities Advanced understanding of information security practices and policies 5 Years IT experience developing and implementing business systems within an organization 5 Years of experience working with defect or incident tracking software 5 Years of experience writing technical documentation in a software development environment 3 Years of experience working with an IT Infrastructure Library ITIL framework 3 Years of experience leading teams with or without direct reports 5 Years experience working with source code control systems Experience working with Continuous Integration Continuous Deployment tools 5 Years of experience in systems analysis including defining technical requirements and performing high level design for complex solutions Experience with Cloud technologies Years of Experience 5-7 years of experience in software development or a related field 4 years of experience in database technologies 4 years of experience working on project s involving the implementation of solutions applying development life cycles SDLC 5 years of IT experience developing and implementing business systems within an organization 5 years of experience working with defect or incident tracking software 5 years of experience writing technical documentation in a software development environment 5 years of experience working with an IT Infrastructure Library ITIL framework 3 years of experience leading teams with or without direct reports 5 years of experience working with source code control systems 6 years of experience in systems analysis including defining technical requirements and performing high level design for complex solution 2 experience in leading driving a team to deliver the stories features in time as committed assign tasks to team reviewing the code enforce coding best practices maintaining repositories managing the development cycles etc Experience working with Continuous Integration Continuous Deployment tools Education Qualification CertificationsRequired Minimum Qualifications Bachelor s Degree in Computer Science CIS Engineering Cybersecurity or related field or equivalent work experience in a related field Relevant information security certifications e g CISSP CISM CEH PCI ISA CRISC CISA OSCP GPen Skill Set RequiredPrimary Skills must have 5 years of experience in SailPoint IdentityIQ development and implementation Strong understanding of Identity and Access Management IAM concepts and methodologies Hands-on experience with SailPoint IdentityIQ platform including a Role-Based Access Control RBAC b Identity lifecycle managementc Designing workflowsd Access certifications Experience in integrating SailPoint with various IAM systems such as LDAP Active Directory databases Authoritative sources Workday and other third-party applications Proficiency in Java XML Beanshell and SQL Experience with application servers Apache Tomcat Knowledge of SSL certificate creation deployment renewal Lead discussion in developing and customizing connectors workflows and policies to meet business requirements Experience with SailPoint API development and customization Strong knowledge of IT security standards regulatory requirements and compliance such as SOX GDPR etc Ability to troubleshoot and resolve issues effectively Secondary Skills desired Knowledge of other IAM tools like Okta Ping or ForgeRock Experience in cloud-based IAM solutions such as SailPoint IdentityNow Familiarity with DevOps and automation tools e g Jenkins Ansible Agile project experience Lowe s is an equal opportunity employer and administers all personnel practices without regard to race color religious creed sex gender age ancestry national origin mental or physical disability or medical condition sexual orientation gender identity or expression marital status military or veteran status genetic information or any other category protected under federal state or local law Lowe s