Lead – Business Information Security – BISO
Company | Lowe’s |
---|---|
Location | Charlotte, NC, USA |
Salary | Not Provided |
Type | Full-Time |
Degrees | Bachelor’s |
Experience Level | Senior, Expert or higher |
Requirements
- Bachelor’s degree in computer science, computer information systems, engineering, business administration, or related field, or equivalent work experience in lieu of degree.
- 7 years of experience in information security.
- Experience influencing cross-functional teams and executive stakeholders.
- Strong understanding of cybersecurity principles, frameworks (e.g., NIST, ISO 27001), and regulatory requirements.
- Strong written and verbal communication with the ability to translate technical concepts to non-technical audiences.
- Experience developing and implementing an enterprise security program to meet new business and technology requirements.
Responsibilities
- Serve as the primary liaison and strategic advisor to business and technology leaders, ensuring cybersecurity considerations are embedded in planning and prioritization.
- Maintain an expert awareness of information security news, trends, and emerging technologies to proactively identify potential risks, assess their impact on the business, and inform strategic cybersecurity planning.
- Advise product, development, and architecture teams on cybersecurity best practices during the design and implementation of new initiatives.
- Conduct technology risk assessments and partner with technical teams to develop mitigation strategies that balance both business agility and security objectives.
- Translate enterprise security policies into actionable, impactful strategies to be implemented at the product and solution level, identifying gaps or redundancies and recommending strategies to mature, rationalize, or develop security capabilities.
- Guide the integration of security controls and practices into the system development lifecycle to promote security-by-design across products, services, and vendor solutions.
- Build and maintain strong relationships with cross-functional stakeholders to drive security maturity and enhance visibility into organizational risk.
- Serve as an escalation point and mentor for junior staff for the most complex support problems.
Preferred Qualifications
- Hands-on technical experience in risk management, security operations, engineering, or architecture.
- Prior experience leading a complex cybersecurity function within a large, matrix enterprise.
- Familiarity with retail technology ecosystems, supply chain operations, or e-commerce platforms.
- Experience leading change and transformation initiatives.
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or other relevant industry certifications.