• Develop and champion strategic information security solutions with Global Information Services (IT) and key business stakeholders.
• Provide oversight of information security requirements on information technology and business sponsored projects.
• Develop strategic roadmaps for information security capabilities such as authentication, encryption, and secure network design, detection and prevention technologies.
• Design and implement long-term strategic goals and short-term tactical plans for managing and maintaining Information Security controls, standards and best practices.
• Ensure that proposed and existing information systems architectures, solutions and services are in compliance with information security program controls, standards, best practices, and information security program policies.
• Provide architectural expertise, direction, and assistance to information technology, service and solution providers, and key business stakeholders in support of information services development and operations.
• Develop, document, and communicate plans for investing in information security architecture, including analysis of risk reduction opportunities and the emerging threat landscape.
• Tracks developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
• Build a security assurance framework and plans to ensure security standards are adequately applied, security controls are efficient and identify vulnerabilities in a proactive manner.
• Conducts or facilitates threat modeling of services and applications that tie to the risk and data associated with the service or application
• Supports the testing and validation of internal security controls, as directed by the CISO or the internal audit team
• Reviews security technologies, tools and services, and makes recommendations to the broader security team for use, based on security, financial and operational metrics

Skills: Information Security Strategy, Risk Management, Security Architecture Design, Governance and Compliance, Security Assurance, Threat Modeling, Cross-Functional Collaboration, Security Testing.

• Work closely with outside companies helping to migrate and manage the internal IT security programs by providing architectural solutions guidance
• Work with business teams in order to analyze and prioritize business-related risks
• Provide assessments of technology risks and requirements to the requesting party including evaluation of authorization, authentication, auditing, input validation, penetration testing items, application and session security, and security of data transport and storage
• Regularly evaluate existing security architecture and impose enhancements based on the new trends
• Engage in multiple operational and technology risk governance processes
• Constantly research new market trends, products, and technology and evaluate them for better usage for the firm
• Create detailed documentation for developers, admins, and business
• Assessing new and existing strategic products and systems to identify gaps in information security approach and creating improvement plans where required.
• Ensuring alignment of technologies to the prescribed target security architecture.
• Development and embedding of standards and patterns for common security problems across.
• Monitoring the changing threat and security technology landscape to ensure information security practices remain up-to-date, effective, and continually improving.

Skills: IT Security Architecture, Risk Analysis, Technology Risk Assessment, Security Architecture Enhancement, Risk Governance, Market Research, Documentation Creation, Security Gap Analysis.

• Collaborate with business and technology stakeholders, including directors, executives, managers and engineers to conceptualize to-be architecture designs that achieve desired trade-offs across technology strategy, business goals, and security outcomes.
• Participate in Risk Management processes, perform risk assessments and plan mitigations
• Rationalize, evaluate and design security tools and services
• Contribute to the development and implementation of security controls, policies, and procedures
• Assist development teams in the adoption of DevSecOps practices into the application lifecycle
• Analyze threats to ensure the secure design of applications and solutions
• Periodically, participate in security assessments, including pen tests, vulnerability assessments, internal and external audits, and simulations
• Lend insights to the practices, technologies, and procedures for security incident response and recovery
• Direct vendor engagement to ensure alignment with internal security standards
• Develop and maintain the Reference Architectures for ensuring the security of the Enterprise
• Contribute exemplars of executed security patterns and technology to client’s Reference Architecture

Skills: Architecture Design, Risk Management, Security Tool Evaluation, Security Policy Development, DevSecOps Integration, Threat Analysis, Security Assessments, Vendor Engagement.

• Provide SME support on security systems standards for network/application/database
• Providing technical support
• Advise customers on security best practices based on infrastructure need.
• Evaluate customer’s current security posture and report on possible deficiencies.
• Architect solutions needed to meet Security / Infrastructure and Use Case requirements
• Prepares security reports by collecting, analyzing, and summarizing data and trends.
• Elicit and document customer requirements for Cloud and Big Data projects, delivering analysis and recommendations on approaches to accomplish the requirements.
• Develop custom, efficient, complete Cloud management strategies for AWS and other cloud providers.
• Create project plans for content projects, report effectively on project status, and deliver on-time results that meet or exceed requirements
• Participate projects as a Software Security Architect
• Develop solution proposal regarding customer needs

Skills: Security Systems Expertise, Technical Support, Security Best Practices Advisory, Security Posture Evaluation, Solution Architecture, Security Reporting, Cloud and Big Data Analysis, Cloud Management Strategy.

• Defines and documents architectural security standards, target state architectures, and best practices that guide and influence architecture decisions for a specific domain with guidance from the global security architecture team
• Completes research and analysis of the technology industry and market trends to determine the potential impact on the enterprise
• Understands and interprets Lowe's current Information Technology landscape to identify weaknesses for application owners to develop improvements and works with leadership to prioritize improvement projects
• Oversees the development of architecture transition plans for moving from current to future state business, data, application, and infrastructure models, within large cross-functional and complex business areas
• Creates architecture roadmaps for the introduction and retirement of technology, cost/risk reduction, and optimization, ensures adherence to architectural standards and the continual enablement of business strategies
• Partnership with Lowe’s global security architecture team, incorporates enterprise business trends and strategies to create domain-specific target state architecture, standards, guidelines, patterns, and reference models
• Manages the evaluation and selection of network, infrastructure technology, product standards, and the design of standard configurations with guidance from Lowe’s global security architecture team
• Defines and enforces Architecture security standards, procedures, metrics and policies to ensure consistency across the organization with guidance from Lowe’s global security architecture team
• Collaborate with technology architecture teams by performing security analysis of proposed architectures, providing risk assessment feedback, including security requirements
• Support Business and Technical teams in developing and deploying secure architectures for Mergers, Acquisitions and Divestitures
• Define information security controls and patterns that support risk assessments and support the development of secure cloud-based and hybrid architectures

Skills: Security Architecture, Technology Trend Analysis, IT Landscape Assessment, Architecture Transition Planning, Architecture Roadmap Creation, Target Architecture Collaboration, Network Technology Evaluation, Security Risk Assessment.

• Experience leading technical teams with or without direct reports
• Experience working in a large matrixed organization
• Experience in an IT role requiring interaction with senior leadership
• Experience defining Target State Architectures and Roadmaps
• Experience with commercial off-the-shelf package integration
• Experience architecting, designing, and implementing enterprise-scale, high-volume, high-availability systems
• Experience working with Enterprise Architecture frameworks, such as TOGAF or Zachman
• Experience working with third-party IT vendors and/or IT system solution providers
• Extensive experience in designing large security architecture in Production environments (automotive, aeronautic, industry...)
• Extensive experience in Industrial Technologies (SCADA...) and constraints (availability…)
• Background in financial services technology operations or engineering or equivalent consulting work
• Strong cross-silo Enterprise Security Architecture experience Examples enterprise identity and access management, enterprise key management and data encryption, enterprise logging, and security incident and event monitoring
• Strong analytical skills, able to demonstrate flexibility regarding problem-solving

Qualifications: BA in Computer Science with 5 years of Experience

• Experience with engineering and administering production IT systems or networks for government agencies
• Experience with integrating and supporting production IaaS, PaaS, or SaaS Cloud solutions including, AWS, Azure, and ServiceNow
• Knowledge of federal IT and Cloud security practices, including FISMA, FedRAMP, NIST 800-53, and DoD Cloud SRG and applying them to the design and implementation of Cloud solutions to achieve Authorization to Operate ATO
• Security+ or equivalent DoD 8570 IAT II Certification
• Experience with implementing and configuring network and system security tools in the Cloud, including network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS), anti-malware, vulnerability scanning, and encryption
• Experience with collecting and analyzing security, event, configuration, and management logs from Cloud-based sources
• Possession of excellent oral and written communication skills
• CISSP or equivalent DoD 8570 IAT III Certification
• Ability to document and communicate the status of progress against plans and take corrective actions
• Ability to work effectively with internal business and technology partners at all levels of the organization and influence appropriately
• Support a work environment that promotes partner service, quality, innovation and teamwork
• Expertise, knowledge and interest in additional security domains is an asset
• Strong analytical skills and problem-solving skills

Qualifications: BS in Information Security with 6 years of Experience

• Knowledge of business requirements and architecture to the maintenance and enhancement of the enterprise-wide and/or project-specific architecture frameworks and models
• Ability to translate security standards and patterns into programs and project requirements on the architecture level
• Work with other Architects, Design Leads and stakeholders in peer review to ensure the continued presence, appropriateness and completeness of security qualities in solutions
• Ability to participate in the development of requirements to facilitate both business vision realization and security architecture target state creation
• Understand the capabilities and limitations of the security components (e.g., technology, operations, and management)
• Influences product direction and integrates technology from a security and architectural perspective within the business environment
• Identify enhancements and gaps in architectural frameworks, standards and patterns to raise them for consideration for inclusion in the future versions
• Ability to participate in knowledge transfer with senior management, the team, other technical areas and business units
• Experience in supporting other members of the team in achieving business objectives and providing client services, lessons learned and knowledge transfer
• Executive level communication skills are paramount in this role
• Experience in an enterprise, solution or Security Architecture role or a related field.
• Experience in Enterprise or solution architecture using a recognized architecture methodology or framework is an asset (SABSA, TOGAF, Zachman)
• Experience in security technologies and practices with a broad understanding across multiple IT disciplines and emerging trends
• Knowledge of Security Management frameworks (e.g. ISO 27002, NIST CSF)

Qualifications: BA in Network Engineering with 5 years of Experience

• Deep knowledge of NIST CSF, 800-53, ISO 2700X, SOC2 security frameworks
• Experience with Active Directory, IIS, Windows servers, SQL Server, Firewalls, Routers, WAPs, End Point Security, Virtualization Technologies, Mobile Device Management, Application Management, VPN, Asset Management, Patch Management, Vulnerability Scanners, Kali Linux, and Threat Hunter technologies
• Working knowledge of .Net and/or Powershell
• Ability to work in a fast-paced environment
• Strong attention to detail with an analytical mind and outstanding problem-solving skills.
• Great awareness of cyber security trends and hacking techniques
• Certified Information Security Auditor (CISA) certification
• Cybersecurity Forensic Analyst (CSFA) certification
• Certified Risk and Information Systems Control (CRISC)
• Certified Security Analyst (ECSA)
• Certified Ethical Hacker (CEH)
• Experience in planning and validating Business Continuity

Qualifications: BS in Cybersecurity with 4 years of Experience

• Strong understanding of public cloud computing architecture, technical design and implementations, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as Service (SaaS) delivery models across multiple different cloud vendors.
• Strong knowledge of secure development and general software development methodologies and practices
• Ability to work in a team environment and to positively influence peers in other functional areas of the business.
• Have certifications such as CCSP and either CISSP or CCSK.
• Have certifications such as MCSE, Cloud Platform and Infrastructure, AWS Certified Solutions Architect
• Experience with security-related regulatory requirements, such as NIST, PCI, CSA Star and ISO 27001.
• Technical expertise in IAM, Cloud Security, or Data Security with depth generally across other Security
• Ability to talk at depth with customer’s architect teams as well as translate complex technical solutions to the C suite
• Industry experience in Travel and Transportation, Retail, or Consumer Products
• Certified Information System Security Professional (CISSP)
• Experience in the medical device or life-sciences industries
• Experience with Securing cloud (IaaS, PaaS, and SaaS) deployments
• Cyber security certifications such as the CISSP (+ISSAP), CCSP, SABSA GSEC

Qualifications: BA in Information Technology with 5 years of Experience