Sr Engineer, Information Security - (Privilege Access Management)

Your Impact
"The primary purpose of this role is to support the design, implementation, and ongoing operations of information security tools and services. This includes translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to help design and implement remediation solutions.
To be successful, the individual must have knowledge of security practices and tools related to privileged access management. This role helps establish and maintain programs that enable the business to operate efficiently and remain in compliance with regulatory and industry best practices."
Key Responsibilities:
Design and Implementation:

• Architect and deploy CyberArk solutions, including Secure Integration Application (SIA), to securely manage privileged accounts and secrets.
• Lead the configuration and integration of the latest CyberArk versions (12.x or above) across enterprise systems.
• Design workflows for onboarding privileged accounts, safe creation, and access management.

Integration and Automation:

• Integrate CyberArk with enterprise systems such as Windows, Unix/Linux, databases, and network devices.
• Develop and deploy CyberArk plugins to extend platform capabilities.
• Leverage REST APIs for workflow automation, third-party integrations, and system enhancements.

Support and Maintenance:

• Provide expert-level troubleshooting and post-production support for CyberArk environments, including log analysis and error diagnosis.
• Perform routine system maintenance such as patch management, configuration backups, and hotfix applications.
• Ensure CyberArk aligns with industry standards and best practices for PAM.
• Provide troubleshooting and post-production support for CyberArk modules, including:
• Enterprise Password Vault (EPV)
• Password Vault Web Access (PVWA)
• Central Policy Manager (CPM)
• Privileged Session Manager (PSM)
• Application Access Manager (AAM) / Credential Providers
• Secure Integration Application (SIA)

Cloud and Security Integration:

• Manage PAM integrations with cloud platforms like AWS, Azure, and Google Cloud using CyberArk's Identity Security Platform.
• Ensure secure management of secrets for cloud-based applications and services using CyberArk's latest capabilities.

Documentation and Compliance:

• Create and maintain technical documentation, including design specifications, SOPs, and integration manuals.
• Support audits and compliance efforts by ensuring CyberArk configurations meet regulatory and security standards.

Thought Leadership:

• Stay updated on CyberArk advancements, including new SIA features and industry trends in PAM.
• Provide recommendations on optimizing CyberArk usage and expanding its integration footprint.

Required Qualifications:
1. Experience:

• 4+ years of experience working with PAM technologies, including CyberArk.
• 4+ years of IT experience developing and implementing business systems.
• 4+ years of experience with defect or incident tracking software.
• 4+ years of experience working within an IT Infrastructure Library (ITIL) framework.

2. Certifications in either of the following:

• CyberArk Certified Delivery Engineer (CDE) (Required)

OR;

• CyberArk Defender Certification (Required)

OR;

• CyberArk Sentry Certification (Required)

3. Skills:

• Strong understanding of CyberArk modules (EPV, PVWA, CPM, PSM, AAM, SIA).
• Hands-on experience with cloud platforms such as AWS, Azure, or Google Cloud.

Preferred Qualifications:
1. Education:

• Master's degree in computer science, CIS, Business Administration, or a related field.

2. Certifications:

• CISSP, CISM, CISA, CEH, PCI ISA, CRISC, OSCP
• PMP, Scrum CSM/CSPO certifications (Preferred).

3. Experience:

• 1+ year of experience on projects involving SDLC implementation.
• 3+ years of experience analyzing output from cybersecurity tools.
• 3+ years of experience leading teams, with or without direct reports.
• Advanced understanding of information security practices and policies.

Certifications: Required vs. Preferred
Required Certifications:

• CyberArk Certified Delivery Engineer (CDE)
• CyberArk Defender
• CyberArk Sentry

Preferred Certifications:

• CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP
• PMP, Scrum CSM/CSPO

Where You'll Be

• Associates are required to relocate to the Charlotte region to foster collaboration and facilitate improved testing and support.
• Lowe's supports a Flex Office concept where in-person work is required two days per week at the Charlotte Tech Hub
• Most business meetings are planned around the Eastern time zone.

About Lowe's
Lowe's Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2023 sales of more than $86 billion, Lowe's operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe's supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit Lowes.com .
Lowe's is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.