Engineer, Information Security (Privilege Access Management )

Your Impact
"The primary purpose of this role is to support the design, implementation, and ongoing operations of information security tools and services. This includes translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to help design and implement remediation solutions.
To be successful, the individual in this role must know security practices and tools related to privileged access management. This role helps establish and maintain programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices."
Key Responsibilities:

• Serve as the primary technical responder for incidents and requests related to CyberArk Privileged Access Management (PAM) technologies.
• Perform account onboarding, safe creation, platform configuration, and management.
• Provide troubleshooting and post-production support for CyberArk modules, including:
• - Enterprise Password Vault (EPV)
• - Password Vault Web Access (PVWA)
• - Central Policy Manager (CPM)
• - Privileged Session Manager (PSM)
• - Application Access Manager (AAM) / Credential Providers
• - Secure Integration Application (SIA)
• Collect logs, analyze failure situations, troubleshoot issues, and implement known solutions while maintaining established OLAs/SLAs.
• Conduct routine maintenance such as applying hotfixes, security patching, device reboots, and configuration backups.
• Assist with CyberArk post-production activities, including connector configuration, custom rule development, and integration with third-party systems.
• Document incident resolutions, root cause analyses (RCA), and standard operating procedures (SOPs).
• Develop and maintain design specifications and reference architectures as needed.
• Work collaboratively with cloud platforms such as AWS, Azure, or Google Cloud to leverage their identity and governance services.
• Create and manage custom plugins and workflows using CyberArk's plugin framework.

Job Duties
Troubleshooting issues related to safes, platform creation, and account management. Analyzing the output of industry-standard cybersecurity tools and identifying remediations to reduce risk and exposure. Assisting with the implementation of solutions applying the System Development Life Cycle (SDLC). Creating detailed technical documentation, including design specifications and SOPs. Leading or participating in projects involving PAM implementations and enhancements. Supporting IT infrastructure and governance frameworks, such as ITIL. Utilizing defect or incident tracking software to document and resolve technical issues. Advanced understanding of information security and PAM architecture. Hands-on experience leading projects using Agile methodologies. Experience documenting and managing IT projects within ITIL frameworks.
Required Qualifications
1. Experience:

• 2+ years of experience working with PAM technologies, including CyberArk.
• 2+ years of IT experience developing and implementing business systems.
• 2+ years of experience with defect or incident tracking software.
• 2+ years of experience working within an IT Infrastructure Library (ITIL) framework.

2. Certifications in either of the following:

• CyberArk Certified Delivery Engineer (CDE) (Required)

OR;

• CyberArk Defender Certification (Required)

OR;

• CyberArk Sentry Certification (Required)

3. Skills:

• Strong understanding of CyberArk modules (EPV, PVWA, CPM, PSM, AAM, SIA).
• Hands-on experience with cloud platforms such as AWS, Azure, or Google Cloud.

Preferred Qualifications
1. Education:

• Master's degree in computer science, CIS, Business Administration, or a related field.

2. Certifications:

• CISSP, CISM, CISA, CEH, PCI ISA, CRISC, OSCP, GPen (Preferred).
• PMP, Scrum CSM/CSPO certifications (Preferred).

3. Experience:

• 1+ year of experience on projects involving SDLC implementation.
• 2+ years of experience analyzing output from cybersecurity tools.
• 2+ years of experience leading teams, with or without direct reports.
• Advanced understanding of information security practices and policies.

Certifications: Required vs. Preferred
Required Certifications:

• CyberArk Certified Delivery Engineer (CDE)
• CyberArk Defender
• CyberArk Sentry

Preferred Certifications:

• CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen
• PMP, Scrum CSM/CSPO

Where You'll Be

• Associates are required to relocate to the Charlotte region to foster collaboration and facilitate improved testing and support.
• Lowe's supports a Flex Office concept where in-person work is required two days per week at the Charlotte Tech Hub
• Most business meetings are planned around the Eastern time zone.

About Lowe's
Lowe's Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2023 sales of more than $86 billion, Lowe's operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe's supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit Lowes.com .
Lowe's is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.