Director, Information Security

About the job

Job Summary:

The primary purpose of this role is to provide overall direction to teams of technology security professionals responsible for delivering technology security solutions across security and technology domains. This includes partnering with cross-functional technology and business leaders, as well as vendors, to establish desired priorities and objectives and ensuring the team meets or exceeds expectations at the portfolio level. In addition, this role provides insight and recommendations to inform the ongoing strategy for health and care of assigned security processes and tools, often spanning domain(s) and/or platform(s). This individual manages people which includes responsibility for setting individual and team expectations, delegating assignments and managing performance, identifying talent needs, and coaching and developing team members.

Key Responsibilities:

• Oversees the acquisition, implementation, maintenance and use of information technology resources
• Ensures teams deliver appropriate and timely information security related training and support to technology users throughout the company
• Establishes and drives successful implementation and maintenance of coordinated enterprise-level security programs
• Oversees the process of designing and implementing security structures to support data security needs
• Leads the development and implementation of various information security projects to ensure strong governance and/or operations across Information Security at Lowe’s
• Leads the development, documentation, and maintenance of information security policies, procedures, and standards
• Ensures the team documents processes, procedures and guidelines as needed to support operations and audit requirements
• Ensures teams protect the integrity, confidentiality, and availability of information in the custody of or processed by the company
• Helps develop Key Performance Indicators (KPIs) for measurement of compliance with Information Security Management, and drives ongoing and accurate reporting against established KPIs
• Serves as an escalation point for complex or unresolved technology security issues; manages escalated issues effectively or further escalates issues to senior management when appropriate; raises business risks associated with technical issues to senior management
• Partners with architecture and engineering teams to drive solution designs that ensure that assets are appropriately secure at all times
• Leads the process of performing security tests, designing security architecture across the system and network, and developing policies regarding firewalls, encryption, access, and security breaches
• Leads the process of investigating security exceptions and incidents, reviewing violation reports, performing internal investigations, and developing and performing risk analysis scenarios to test the systems and networks
• Leads the process of evaluating and analyzing new security issues, software, and/or policies to ensure integrity and safe operation of systems and networks
• Ensures the team continuously identifies, assesses, measures and monitors the value of security programs and iterates to increase effectiveness
• Facilitates and ensures the team collaborates with technical teams to identify, resolve, and mitigate information security risk findings
• Helps establish a compelling vision for the function (including teams dispersed globally between US and India) by assessing the Technology landscape and anticipating business needs; defines clear roadmaps that align to this vision and support the overall Technology strategy
• Provides associates a direct line of sight into how they affect the business, translating strategy from executives and communicating business requirements
• Reviews and manages the selection of key vendor partners; effectively manages vendor relationships that result in strong collaboration, superior products and service offerings, and continued innovation
• Obtains, organizes, and aligns resources (including global resources) to achieve multiple business objectives tied directly to Technology and organizational strategy
• Leads the process of gathering input from stakeholders and looking for ways to improve tools, processes and best practices; provides guidance when developing and rolling out new solutions
• Encourages and facilitates successful cross-functional collaboration throughout the team; maintains strong relationships with other technology areas to make sure compatible directions and goals are set and the security posture is optimized
• Leads the research and evaluation of new or improved security software and devices to ensure they meet all requirements and deliver effective security solutions
• Leads the development and approval of standard operating procedures
• Provides leadership to the team by attracting and hiring talented individuals, setting goals and communicating clear expectations, providing timely and constructive feedback as well as meaningful developmental opportunities, managing performance, providing resources and support as needed, and sponsoring and leading team members through change
• Fosters team interactions with architects and software engineers to ensure functional specifications are converted into flexible, scalable, and maintainable security solutions
• Monitors the industry for external security news, standards and trends and evaluates new tools and security frameworks for potential implementation; makes recommendations to senior leadership related to current and future security infrastructure needs
• Motivates teams to perform at high levels and embraces change around a shared Compan

EEO Statement

Lowe’s is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.protected under federal, state, or local law.