Job Description

Lowe\xe2\x80\x99s Companies, Inc. (NYSE: LOW) is a FORTUNE\xc2\xae 50 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2023 sales of more than $86 billion, Lowe\xe2\x80\x99s operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Bengaluru, Lowe\xe2\x80\x99s India develops innovative technology products and solutions and delivers business capabilities to provide the best omnichannel experience for Lowe\xe2\x80\x99s customers. Lowe\xe2\x80\x99s India employs over 4,200 associates across technology, analytics, merchandising, supply chain, marketing, finance and accounting, product management and shared services. Lowe\xe2\x80\x99s India actively supports the communities it serves through programs focused on skill-building, sustainability and safe homes. For more information, visit, .Job Summary
"The primary purpose of this role is to support the design, implementation and ongoing operations of information security tools and services. This includes translating business and technical requirements into robust enterprise security software solutions that ensure information assets are adequately protected with acceptable levels of control. This also includes monitoring, testing, and evaluating security assessments of systems and taking steps to help design and implement remediation solutions.Key Responsibilities

• Supports the implementation and maintenance of assigned information security solutions to ensure successful deployment and operation; develops and documents detailed standards (e.g., guidelines, processes, procedures)
• Assists the Information Security team in monitoring security systems, reviewing logs, and managing information security systems
• Participates in regular security vulnerability assessments
• Performs internal and external penetration validation testing to ensure that computer systems are up to date relative to all operating systems, patches, and virus protection software
• Collaborates with other technology teams including Engineering to design and implement remediation solutions
• Provides assistance during information security incidents as part of an Incident Response Team
• Performs security tests against 3rd party products
• Remains aware of technological trends and developments in the area of information security
• Solves difficult technical problems; solutions are testable, maintainable, and efficient
• Provides support in the event of escalated security issues for enterprise systems; helps diagnose, troubleshoot, and resolve issues
• Supports the implementation of hardware and software changes into environments to ensure security requirements are met
• Provides input into security breach response procedures; assists with security breach response activities
• Participates in break/fix activities
• Analyzes the output of industry standard cybersecurity tools and helps identify remediations to reduce risk and exposure of applications
• Completes basic custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities
• Evaluates entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities

Identity Management:Design, implement, and manage identity and access management (IAM) systems in cloud environments.Understanding of cloud identity solutions integration with on-premises directories, including Active Directory and Azure AD.Understanding of Managing and maintaining user access controls, ensuring proper role-based access and least privilege principles and PIM/Just-in-time access.Governance and Compliance:Implement and enforce identity governance policies across cloud platforms.Monitor and audit identity and access activities to ensure compliance with security standards and regulations.Collaborate with security teams to identify and mitigate potential risks in identity management.Cloud Integration:Assist in the integration of cloud identity solutions with SaaS applications and cloud infrastructure.Work closely with cloud engineers and developers to support secure application development and deployment.Automate identity lifecycle management using scripting and cloud-native tools.Support and Troubleshooting:Provide technical support for identity-related issues, including user access problems and authentication failures.Troubleshoot and resolve issues related to cloud identity and governance systems.Stay updated on the latest trends and technologies in cloud identity and governance.Documentation and Training:Document identity and governance processes, procedures, and configurations.Provide training and support to end-users and other IT teams on identity and governance best practices.Required Qualifications
Bachelor\'s Degree in Computer Science, CIS, Engineering, Cybersecurity, or related field (or equivalent work experience in a related field)Experience:1-2+ years of experience in identity and access management, preferably in cloud environments like Azure, GCP and Oracle2- 3 years of overall hands-on experience with Active Directory, Azure Active Directory, or similar directory services.Experience with cloud platforms such as AWS, Azure, or Google Cloud, particularly with their identity and governance services.Technical Skills:Basic understanding of directories and domain services, including LDAP, Group Policy, and Kerberos.Familiarity with identity protocols such as SAML, OAuth, and OpenID Connect.Proficiency in scripting languages (e.g., PowerShell, Python, Terraform) for automation.Knowledge of security frameworks and compliance standards like GDPR, HIPAA, or SOC 2.Soft Skills:Strong problem-solving abilities and attention to detail.Excellent communication and collaboration skills.Ability to work independently and as part of a team.Preferred Qualifications:
Master\'s degree in computer science, CIS, Business Administration, or related field
2 Years of experience analyzing the output of industry standard cybersecurity tools and identifying remediations to reduce risk and exposure of applications
Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen)
Advanced understanding of information security practices and policiesPreferred Certifications:Microsoft Certified: Identity and Access Administrator Associate (SC-300)Microsoft Azure Fundamentals (AZ-900)GCP associate cloud EngineerOracle Cloud Infrastructure 2024 Certified Foundations Associate certificationCertified Information Systems Security Professional (CISSP)Lowe\'s is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.

Lowe\xe2\x80\x99s