Lead Engineer, Information Security

Innovate in Charlotte
Thank you for dedicating your time and talent to Lowe's. We want to give you more opportunities to learn and grow, so if you find a position you're interested in below, we encourage you to apply!
Job Summary
The primary purpose of this role is to provide consultation and technical direction to engineers focused on the design, implementation, and ongoing operation of network security technologies and services. This includes enterprise firewalls, IoT security platforms, microsegmentation solutions, and associated network security tooling. The role is responsible for translating business requirements and functional specifications into scalable, resilient network security architectures that protect enterprise assets with appropriate levels of control and segmentation.
To be successful, the individual in this role must have advanced knowledge of network security principles, including firewall policy management, zero trust network segmentation, and IoT device security. This role serves as a technical expert for project teams that establish and maintain secure network environments that enable the business to operate efficiently while meeting regulatory and industry security standards.
Key Responsibilities

• Drives the strategic design, implementation, and optimization of enterprise network security platforms, including firewalls, microsegmentation technologies, and IoT security solutions
• Serves as a technical expert for project teams implementing and maintaining network security controls; defines and oversees documentation of standards such as firewall rule governance, segmentation policies, and network access controls
• Leads the design and enforcement of network segmentation strategies, including zero trust architectures and microsegmentation frameworks across data center, cloud, and IoT environments
• Engineers and maintains firewall policies, rule lifecycle management processes, and traffic inspection capabilities to ensure secure and efficient network operations
• Provides guidance on securing IoT and OT environments, including device profiling, network isolation, and threat detection strategies
• Educates engineering and development teams on network security standards, segmentation models, and secure network design principles
• Resolves complex network security issues spanning multiple environments, including on-premises, cloud, and hybrid infrastructures
• Identifies, reports, and leads response activities for network-related security incidents, including traffic analysis, intrusion detection, and containment strategies
• Evaluates and integrates new network security technologies to address evolving threats, including advancements in firewall capabilities, zero trust networking, and IoT security platforms
• Maintains awareness of emerging threats, exploits, and attack techniques targeting network infrastructure and connected devices
• Collaborates across teams to design scalable, resilient, and secure network architectures that minimize attack surfaces and enforce least-privilege access
• Mentors and advises engineers on network security engineering practices, tools, and operational processes
• Provides recommendations to business and technology leadership on network security strategy, architecture, and investment priorities
• Responds to escalated network security issues, performing advanced troubleshooting and root cause analysis
• Supports incident response efforts related to network security breaches, including firewall events, lateral movement, and unauthorized network access
• Oversees break/fix activities for network security platforms, coordinating with vendors and internal teams as needed
• Analyzes outputs from network security tools such as firewalls, IDS/IPS, network detection and response (NDR), and microsegmentation platforms to identify risks and drive remediation
• Evaluates network architectures and traffic flows to identify vulnerabilities and enforce segmentation and access control improvements
• Designs and implements secure network configurations and automation to reduce misconfigurations and improve policy consistency
• Develops and enhances automation and scripting for firewall policy management, segmentation enforcement, and network security monitoring
• Assesses complex network environments, including cloud and container networking, to identify weaknesses and implement segmentation and security controls

Required Qualifications

• Bachelor's degree Computer Science, CIS, Engineering, Cybersecurity, or related field or equivalent years of experience in lieu of education requirement, if applicable
• 7 years Experience in technology system support, software development or a related field
• 5 years Experience with information security applications and systems
• 4 years Experience evaluating complex application and hosting environments to identify potential weaknesses and provide remediation plans to reduce risk
• 5 years Experiencing designing complex application and infrastructure systems

Preferred Qualifications

• Master's degree Computer Science, CIS, Business Administration or related field
• 6 years Experience working on project(s) involving the implementation of solutions applying development life cycles (SDLC)
• 3 years DevOps experience
• 1 year Experience with Cloud technologies
• 4 years Experience designing application pipelines with secure configuration parameters to remove or reduce known threat vectors
• 5 years Experience working with diverse application and infrastructure environments to identify and provide technical guidance on threat reduction at both the application and supporting infrastructure layer
• 6 years IT experience developing and implementing business systems within an organization
• 6 years Experience working with defect or incident tracking software
• 6 years Experience writing technical documentation in a software development environment
• 4 years Experience working with an IT Infrastructure Library (ITIL) framework
• 4 years Experience leading teams, with or without direct reports
• 6 years Experience working with source code control systems
• Experience working with Continuous Integration/ Continuous Deployment tools
• PCI ISA
• CRISC
• OSCP
• GPen

Benefits

• 401k with up to 4.25% match
• Bi-annual Cash Bonus
• Discounted Employee Stock Purchase Plan (15% discount of strike price)
• Tuition-Free Education
• 10-week Maternity/Parental Leave
• 10% Associate Discount

• For information about our benefit programs and eligibility, please visit https://talent.lowes.com/us/en/benefits .

About Lowe's
Lowe's Companies, Inc. (NYSE: LOW) is a FORTUNE® 100 home improvement company with total fiscal 2025 sales of more than $86 billion. Lowe's employs approximately 300,000 associates and operates over 1,750 home improvement stores, 540 branches and 120 distribution centers. Based in Mooresville, N.C., Lowe's supports the communities it serves through programs focused on creating safe, affordable housing, improving community spaces, helping to develop the next generation of skilled trade experts and providing disaster relief to communities in need. For more information, visit Lowes.com .
Lowe's is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.