Skip Navigation

No saved jobs found!

Job Description

Job Description

Sr. Security Analyst, IT Security Governance

Job ID 1583823BR Date posted 04/25/2019 Location Mooresville, NC Location Name CSC-Mooresville Address 1000 Lowes Boulevard Employment Type I Regular Employment Type II Full-Time Line of Business Corporate Department 0126 - IT Security Governance


The Sr. Security Analyst, IT Security Governance is primarily responsible for overseeing all programs, projects and changes within the organization to determine and categorize the risk of these activities as it pertains to the confidentiality, integrity and availability of information being process, stored, or transmitted.

The Sr. Security Analyst, IT Security Governance must have knowledge of; business process security, data security and classification, infrastructure design, authorization and access control security, risk analysis/management, regulatory compliances (PCI, SOX, HIPAA, etc), network design and security, vulnerability assessments and mitigation.

This role is highly motivated and possess strong, hands on technical knowledge of a wide range of information security/business continuity controls and the process used for evaluating control design and effectiveness.


  • Analyze complex technical and business requirements from a security perspective and make appropriate recommendations to reduce the over-all risk to Lowe’s
  • Communicate security policies and standards and how they align to their customers
  • Recognize different regulatory compliance standards and can communicate how they are applicable
  • Perform evaluation of IT controls to reduce the impact of internal and external IT audits
  • Evaluate/interpret SOX IT Audit, PCI DSS and Privacy requirements and provide guidance to process and control owners on how to comply with the requirements.
  • Assist project teams to evaluate IT Risk and Compliance considerations for projects
  • Assist in performing enterprise risk assessments
  • Review contracts in support of Third Party risk management objectives


  • Bachelor’s Degree in Computer Science or related field plus 6 years of experience or 8+ years of experience in Information Security
  • 4+ years of experience as a Senior Security Analyst or equivalent
  • Strong ability to articulate business risks of technical issues to non-technical personnel
  • Knowledge of core Information Security concepts related to Governance, Risk & compliance
  • Strong analytical / problem solving skills
  • Broad knowledge of infrastructure (network and servers), services and security policies
  • Demonstrated ability to work in a team environment
  • Ability to act independently and exercise good judgment as well as the ability to work cross functionally and create virtual teams is essential
  • Ability to prioritize and manage multiple tasks
  • Up to 10% travel is required for this role


  • Demonstrated understanding of internal security controls, assess risks and identify opportunities for improvement
  • Strong analytical skills/problem solving/conceptual thinking
  • Knowledge of Governance, Risk, and Compliance process, practices and procedures.
  • Knowledge of GRC Applications and tools, like Archer, Keylight, ServiceNow
  • Prior exposure to, and experience with, SOX IT Audit, PCI DSS, and Privacy regulations
  • Prior exposure to NIST CSF, ISO, and other frameworks
  • Experience managing projects and leading cross-functional teams
  • Certifications: Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), GIAC Critical Controls Certification (GCCC), or GIAC Security Essentials (GSEC)
  • Intermediate to advanced proficiency in the use of Microsoft Office products, including Word, Excel, and PowerPoint
  • Strong technical, analytical and problem-solving skills
  • Strong communication skills to effectively interact with and influence internal and external partners on all levels to resolve issues and provide solutions in a timely manner

Lowe’s is an equal opportunity affirmative action employer and administers all personnel practices without regard to race, color, religion, sex, age, national origin, disability, sexual orientation, gender identity or expression, marital status, veteran status, genetics or any other category protected under applicable law.

Email Job

Talent Community

Please sign up here to join our Talent Community

*Please note you will need to continue through the application process in order to apply.

Stay Connected

Read More | Get Social