Security Risk Analyst IIIApply Now Job ID 1516633BR Date posted 01/09/2019 Location Mooresville, NC Location Name CSC-Mooresville Address 1000 Lowes Boulevard Employment Type I Regular Employment Type II Full-Time Line of Business Corporate Department 0126 - IT Security Governance
PURPOSE OF ROLE:
The Information Security Analyst III is primarily responsible for overseeing all programs, projects and changes within the organization to determine and categorize the risk of these activities as it pertains to the confidentiality, integrity and availability of information being process, stored, or transmitted. The Information Security Analyst III is also responsible for ensuring that Lowe’s is meeting/exceeding all compliance requirements.
To accomplish this, the Information Security Analyst III must have knowledge of; business process security, data security and classification, infrastructure design, authorization and access control security, risk analysis/management, regulatory compliances (PCI, SOX, HIPAA, etc), network design and security, vulnerability assessments and mitigation.
The Information Security Analyst III works closely with program and project teams in order to ensure security is thought about in the requirements phase of the program and followed through implementation. The Information Security Analyst III must be highly motivated and possess strong, hands on technical knowledge of a wide range of information security/business continuity controls and the process used for evaluating control design and effectiveness. The Information Security Analyst III must possess superior written and verbal communication skills including the ability to communicate clearly and concisely to all levels of management
ESSENTIAL RESPONSIBILITY STATEMENTS
- Ability to analyze complex technical and business requirements from a security perspective and make appropriate recommendations to reduce the over-all risk to Lowe’s.
- Understand and discuss security policies and standards and how they align to their customers.
- Understand the different regulatory compliance standards and can communicate how they are applicable.
- Evaluation of IT controls to reduce the impact of internal and external IT audits
- Evaluate/interpret SOX IT Audit, PCI DSS and Privacy requirements and provide guidance to process and control owners on how to comply with the requirements.
- Assist project teams to evaluate IT Risk and Compliance considerations for projects
- Assist in performing enterprise risk assessments
- Review contracts in support of Third Party risk management objectives
- Bachelor’s Degree in Computer Science or related field plus 6 years of experience or 8+ years of experience in Information Security
- 4+ years of experience as a Senior Security Analyst or equivalent
- Strong ability to articulate business risks of technical issues to non-technical personnel
- Knowledge of core Information Security concepts related to Governance, Risk & compliance
- Strong analytical / problem solving skills
- Broad knowledge of infrastructure (network and servers), services and security policies
- Demonstrated ability to work in a team environment
- Ability to act independently and exercise good judgment as well as the ability to work cross functionally and create virtual teams is essential
- Ability to prioritize and manage multiple tasks
- Up to 10% travel is required for this role
- Demonstrated understanding of internal security controls, assess risks and identify opportunities for improvement
- Strong analytical skills/problem solving/conceptual thinking
- Knowledge of Governance, Risk, and Compliance process, practices and procedures.
- Knowledge of GRC Applications and tools, like Archer, Keylight, ServiceNow
- Prior exposure to, and experience with, SOX IT Audit, PCI DSS, and Privacy regulations
- Prior exposure to NIST CSF, ISO, and other frameworks
- Experience managing projects and leading cross functional teams
- Certifications: Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), GIAC Critical Controls Certification (GCCC), or GIAC Security Essentials (GSEC).
- Intermediate to advanced proficiency in the use of Microsoft Office products, including Word, Excel and PowerPoint.
- Strong technical, analytical and problem solving skills.
- Strong communication skills to effectively interact with and influence internal and external partners on all levels to resolve issues and provide solutions in a timely manner.
Lowe’s is an equal opportunity affirmative action employer and administers all personnel practices without regard to race, color, religion, sex, age, national origin, disability, sexual orientation, gender identity or expression, marital status, veteran status, genetics or any other category protected under applicable law.Apply Now Email Job
Congratulations to our #ChiefInformationOfficer, Seemantini Godbole, who was named one of the top ten #WomeninTech! Learn more about her background and impact at Lowe's here: sm.lowes.com/83JQmI pic.twitter.com/S9lJdg33VG
Lowe's recruiters started off the New Year networking with #studentveterans at #NatCon2019! Thank you to @studentvets hosting the inspiring and successful event. #LowesLife pic.twitter.com/3DQQ0CXo6f
Lowe's CIO Seemantini Godbole was named one of the Top Ten Women in Tech! Under her leadership, Lowe's is undergoing a digital transformation and developing a world-class technology team. Congratulations Seemantini! Discover more about our CIO's background and impact at Lowe's here: http://sm.lowes.com/GhfFh7 #WomenInTechnology #LowesLife
#DYK Lowe's emergency command center has been deploying disaster relief for 30 years? Take a look inside the command center here: sm.lowes.com/z4zaEs pic.twitter.com/VMvyjrJSGg
Lowe's recruiters had a great time at #NatCon2019, the largest annual gathering of student veterans! They networked with student veterans from across the country, talked about Lowe’s commitment to veterans, and left feeling inspired. What a great way to start 2019! #LowesLife
Lowe's is recognizing the employees who pour their hearts and souls into their work. Congrats to Timothy Ricker, winner of the exceptional #customerservice award! pic.twitter.com/3pjP3rkZ5c
Congratulations to exceptional customer service award winner Timothy Ricker, who is an avid supporter of the Employee Relief Fund and the Boys and Girls Club. We're happy to be able to give back to an employee who contributes so much to Lowe's. #LowesLife
We're proud to announce that Lowe's has been named one of the 50 Best Companies for Diversity by @blackenterprise! Learn more about the honor here: sm.lowes.com/Hai1SW #DiversityandInclusion pic.twitter.com/ItLHTCbxRw