Engineer, Information Security- Digital Applications

Lowe's

  • Charlotte, NC
  • Permanent
  • Full-time
  • 1 month ago
Job SummaryThe primary purpose of this role is to provide Digital Security Services for eCommerce, Digital, and API platforms. This includes providing support for security services and engineering efforts pertaining to Web Application Firewall (WAF), Bot mitigation, and malicious script mitigation techniques. To be successful, the individual in this role must be versed in cybersecurity concepts and possess the ability to execute on complex security engineering solutions. This role requires the ability to collaborate closely with other departments to ensure the company’s platform is secure and in compliance with industry standards.To be successful, the individual in this role must be versed in cybersecurity concepts and possess the ability to execute on complex security engineering solutions. This role requires the ability to collaborate closely with other departments to ensure the company’s platform is secure and in compliance with industry standards.May require rotational off-hours support when necessary.Key Responsibilities
  • Serve as a Hands-on subject matter expert for WAF, BOT mitigation, and script mitigation tooling
  • Provide analysis for WAF/BOT mitigation designs and implementation plans
  • Research website and API traffic telemetry and determine appropriate WAF/BOT mitigation
  • Analyse WAF/BOT attack traffic to assess security risk, derive severity, and set mitigation priority
  • Participate in planning efforts and implement incremental WAF/BOT threat identification and mitigation improvements
  • Analyse script alerting to assess security risk, derive severity, and set mitigation priority
  • Participate in SOC and threat intelligence tasks providing security consulting
  • Participate in and execute technical evaluations of pertinent new security technologies addressing emerging threats and industry trends
  • Participate in modelling potential Digital Application security threats and mitigations
  • Facilitate, deliver and support integration engineering efforts for Digital in-house, COTS and SaaS security solutions
  • Deliver and resolve complex engineering problems spanning multiple applications to drive overall improvements in security across systems and applications
  • Assist the Information Security team in monitoring and managing security systems and reviewing logs
  • Respond to escalated security engineering issues for enterprise systems, facilitate and troubleshoot when necessary
  • Serve a security engineering resource for project teams throughout the implementation and maintenance of assigned information security solutions, contribute to the definition and governance of security documentation (e.g. guidelines, processes, procedure)
Required Qualifications
  • Bachelors Degree in Computer Science, CIS, Engineering, Cybersecurity, or related field (or equivalent work experience in a related field)
  • 2 Years of experience in technology system support, software development or a related field
  • 1 Year of experience with information security applications and systems
Preferred Qualifications
  • Relevant information security certifications (e.g. CISSP, CISM, CEH, GPen)
  • Information Technology experience in the retail industry
  • Knowledge of information security practices and policies
  • Knowledge of IT Infrastructure Library (ITIL) framework
  • Knowledge of WAF and BOT concepts and solutions
  • Knowledge of browser security headers (e.g. CSP, HSTS, etc.)
  • Knowledge of API security gateway concepts
  • Experience in delivering security product deployments, integrations, and operational efforts
  • Experience facilitating vendor security product requests for engineering requirements, enhancements, maintenance, and configuration
  • Familiarity with OWASP Top 10 and/or SANS Top 25
  • Familiarity with retail regulatory scope (PCI, SOX, etc.)
  • Familiarity of Magecart style attacks and mitigations
About Lowe’sLowe's Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 17 million customer transactions a week in the U.S. With total fiscal year 2022 sales of over $97 billion, approximately $92 billion of sales were generated in the U.S., where Lowe's operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe's supports the communities it serves through programs focused on creating safe, affordable housing and helping to develop the next generation of skilled trade experts. For more information, visit Lowes.com.Lowe’s is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.

Lowe's