Lead Cloud Security Engineer

Job Summary:

This role’s primary purpose is leading a team of cloud security engineers focused on supporting scalable cloud-native platform builds and deployments. Also, provide direction to the configuration, deployment, and management of cloud security across a diverse environment of infrastructure teams, software engineers, and architects across the enterprise. To be successful, the individual in this role must have advanced experience building and deploying cloud-based solutions and functioning as a technical expert across multiple domains for adhering to security requirements

Key Responsibilities:

  • Build, deploy, and maintain source code of security engineering applications
  • Educate others on current architectural standards and guidelines to drive efficiency in the design and implementation of information security solutions
  • Resolve complex problems spanning multiple applications to drive overall improvements in security across systems and applications
  • Execute assessments and migration plans to move and deploy workloads in Google Cloud Platform (GCP), Amazon Web Services (AWS), and Microsoft Azure (Azure)
  • Guide developing, deploying, and operating software in a multi-cloud environment
  • Manage onboarding and enablement of product development teams that are new to cloud-native deployments
  • Facilitate effective collaboration with other technology teams to design and implement remediation solutions
  • Secure the build and implementation of scalable cloud-based web applications for PaaS, IaaS, or SaaS
  • Develop and support automation solutions for source code deployment and configuration management
  • Implement end to end complex CI/CD pipeline deployments
  • Lead the technical evaluation of new security technologies that address both current and future needs based on emerging threats and industry trends
  • Perform load and stress analysis of end to end application performance on infrastructure, capacity planning of APIs, and key services
  • Solve complex cross-functional architecture/design and business problems; solutions are extensible; works to simplify, optimize, remove bottlenecks, etc.
  • Mentor and advise junior engineers, sharing an in-depth understanding of the company and industry methodologies, policies, standards, and controls
  • Design infrastructure as code structure including Terraform
  • Make recommendations to Business and Technology leadership to ensure alignment of infrastructure applications and data with current and future security standards
  • Function as a Full Stack Engineer building large scale and distributed applications using Cloud Native technologies
  • Develop and maintain performance monitoring systems for infrastructure and application
  • Analyze the output of industry-standard cybersecurity tools and identifies remediations to reduce risk and exposure of applications
  • Complete custom enhancements of applications using secure coding techniques to reduce the threat of remote or local vulnerabilities
  • Support efforts in building, deploying, and operating software in one or more container scheduling environments
  • Evaluate entire applications (Container, Infrastructure, host platform) to identify potential threats and vulnerabilities
  • Build technical solutions required for optimal ingestion, transformation, and loading of data from a wide variety of data sources using open-source, AWS, Azure and GCP
  • Evaluate complex application and hosting environments to identify potential weaknesses and provide remediation plans to reduce risk
  • Assist in the integration of application pipelines with secure configuration parameters to remove or reduce known threat vectors

Minimum Qualifications:

  • Bachelor’s Degree in Computer Science, CIS, Engineering, Cybersecurity, or related field
  • 7 years of experience in technology system support, software development or a related field
  • 5 years of experience with information security applications and systems
  • 4 years of experience in database technologies•6 years of experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC)
  • 3 years of DevOps experience
  • 1 year of experience with Cloud technologies
  • 4 years of experience designing application pipelines with secure configuration parameters to remove or reduce known threat vectors
  • 4 years of experience evaluating complex application and hosting environments to identify potential weaknesses and provide remediation plans to reduce risk
  • 5 years of experiencing designing complex application and infrastructure systems to identify and recommend cybersecurity mitigations in either code or additional infrastructure items (WAF, FW, etc.)
  • 6 years of experience working with diverse application and infrastructure environments to identify and provide technical guidance on threat reduction at both the application and supporting infrastructure layer

Preferred Experience:

  • One or more of the following certifications: CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP, GPen
  • Experience with infrastructure-as-code frameworks such as Terraform
  • Hands-on work experience with implementations and deployment of Google Cloud Platform (GCP)
  • Multi-cloud experience (GCP, Azure, AWS)
  • Demonstrated expertise building and managing highly scaled production infrastructure in Public Cloud Environments
  • Experience developing, deploying, and operating software in one or more container environments
  • Advanced knowledge in CI/CD tools and techniques
  • In-depth & hands-on experience with securing Kubernetes and containerization workloads
  • Engineering cloud security guard rails in AWS, Azure, or GCP
  • Experience writing technical documentation in a software development environment
  • Experience leading teams, with or without direct reports
  • 4 years of experience working with source code control systems
  • Experience with one or more Infrastructure-as-Code tools
  • Experience developing, deploying, and operating software in one or more public cloud infrastructure (GCP, Azure, AWS)
  • Experience deploying software applications to production

About Lowe’s:

Lowe’s Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 20 million customers a week in the United States and Canada. With fiscal year 2020 sales of nearly $90 billion, Lowe’s and its related businesses operate or service more than 2,200 home improvement and hardware stores and employ over 300,000 associates. Based in Mooresville, N.C., Lowe’s supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit Lowes.com.

About Lowe’s in the Community:
As a FORTUNE® 50 home improvement company, Lowe’s is committed to creating safe, affordable housing and helping to develop the next generation of skilled trade experts through nonprofit partnerships. Across every community we serve, Lowe’s associates donate their time and expertise through the Lowe’s Heroes volunteer program. For the latest news, visit Newsroom.Lowes.com or follow @LowesMedia on Twitter.

Lowe’s is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.

More Information

Apply for this job

Leave your thoughts

Share this job