AmbitionBox
Search
Jobs
- Reviews
- Salaries
- Interview Questions
- About Company
- Benefits
- Jobs
- Office Photos
- Community
Add office photos
All Filters
91 Lowe's Jobs
Sr. Analyst, Information Security
2-5 years
Bangalore / Bengaluru
1 vacancy
Sr. Analyst, Information Security
Lowe's
posted 15hr ago
Job Role Insights
Flexible timing
Key skills for the job
Job Description
Your Impact
The primary purpose of this role is to support the IT Security Compliance team s continuous compliance program. This includes responsibility for executing and improving processes and procedures with occasional guidance from senior-level security leaders.
This role manages and coordinates all activities of the continuous SOX and security compliance processes. The Sr. Analyst would be responsible for leading a workstream in assessing and implementing SOX controls supporting large, complex IT modernization initiatives that enable key business and technology strategies and programs with enterprise impact. This role oversees all activities including planning, program execution, control testing, and reporting for assigned workstreams. In addition, the Sr. Analyst provides critical input into the long-term strategy for technology security across all domains and platforms.
The individual in this role provides direction and indirect people leadership in a matrixed management environment.
The individual in this role provides direction and indirect people leadership in a matrixed management environment.
What You Will Do:
- Works closely with various groups and levels of leadership within Lowe s Tech, including the Executive Leadership Team.
- Collaborates with technical and business teams responsible for major financial system modernization efforts, security vital assets, and PCI scoped assets to determine control design effectiveness regularity impact and help in the design of the relevant SOX controls.
- Conducting IT and adjacent process walkthroughs to ensure control objectives are met and sufficient coverage is maintained.
- Develops written control workpapers and reports of varied depth on short deadlines, with minimal supervision, at a technical level of detail appropriate to the audience.
- Identifying and scoping improvement opportunities working to bring improvements to fruition while defining appropriate controls as well.
- Interfacing with management on all required activities internal control assessment scoping and controls definition; providing reasonable support during the assessment lifecycle.
- Provide oversight, direction, and mentoring advice to the IT Security Compliance analysts, sharing an in-depth understanding of company and industry methodologies, policies, standards, and control controls.
- Build and maintain effective working relationships with key business and IT stakeholders.
- Support management in developing robust action plans to address deficiencies and ensure remediation promptly to effectively address issues.
- Support internal team initiatives by delivering quality high-quality technical assessments.
- Provides insight and consultation to help ensure new and existing security solutions are developed with insight into industry best practices, strategies, and architectures.
- Makes recommendations for process or technology changes.
- Develops tools or processes to operationalize/improve workflows.
- Partners with senior key stakeholders to develop and/or update Information Security documents such as policies, standards, procedures training, etc.
Required Qualifications:
- Bachelors Degree in Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field (or equivalent work or military experience in a related field).
- 2 years of experience developing Cybersecurity or information assurance policies, standards, awareness training, or 2 years of experience conducting assessments or technical reviews to analyze risk.
- Experience with information security programs, audits, and SOX
- 2 years of experience in information security compliance.
- Advanced understanding of fundamental security and network concepts (Windows and Unix security: endpoint security; logging and monitoring; application security; user access; perimeter protection principles, network communication rules; and analysis methods; etc.).
- Self-motivated, reliable, and follows through on commitments.
- Solutions-focused, strong work ethic, and desire to achieve excellence.
- Highly flexible and adaptable within a rapid and changing work environment.
Preferred Qualifications:
- IT security compliance experience in the retail industry
- Experience in a PCI/Retail technology environment
- Big 4 internal or external audit experience
- Relevant information security certifications (e.g., CISA, CISSP, PCI-P, ISA, CISM, CEH, CRISC, OSCP, GPen)
- Demonstrated understanding of internal security controls, risk assessment, and identifying opportunities for improvement
- Intermediate knowledge of vulnerability management (OS, application, custom code, configuration, etc.) and associated risks
- Excellent communication and interpersonal skills with success in working across organizations at all levels.
Employment Type: Full Time, Permanent
Read full job descriptionPrepare for Security roles with real interview advice
What people at Lowe's are saying
What Lowe's employees are saying about work life
based on 786 employees
Flexible timing
Monday to Friday
No travel
Day Shift
Lowe's Benefits
View more benefits
Compare Lowe's with
Home Depot
Compare
Ace Hardware
Compare
Menards
Compare
Sherwin Williams Paints
Compare
Fastenal
Compare
Grainger
Compare
Reliance Retail
Compare
Walmart
Compare
Landmark Group
Compare
Reliance Trends
Compare
Metro Cash & Carry
Compare
Tesco
Compare
Fabindia
Compare
Decathlon
Compare
Baazar Retail Private Limited
Compare
Spencer's Retail
Compare
V2 Retail
Compare
VIP Industries
Compare
Arvind Lifestyle Brands
Compare
Marks & Spencer
Compare
Similar Jobs for you
Share an Interview