Sr Manager, Information Security (IAM-Governance)

Your Impact

The primary purpose of this role is to manage a team focused on defining, implementing, and/or maintaining processes and tools that support enterprise technology security. This includes accountability for optimizing performance of services that span security and technology domains, including Operations, Policy, Governance and Delivery.

In addition, this role provides insight and recommendations to inform the ongoing strategy for health and care of assigned security processes and tools.

This individual manages people which includes responsibility for setting individual and team expectations, delegating assignments, managing performance, identifying talent needs, and coaching and developing team members.

• Lead, mentor, and manage a team of IAM engineers fostering a high-performance and collaborative engineering culture.
• Drive end-to-end engineering execution for IAM solutions, ensuring high-quality deliverables and adherence to project timelines.
• Develop and maintain engineering roadmaps that align with business objectives and security compliance requirements.
• Advocate for best practices across the IAM domain.
• Works across all IAM domains integration and governance to ensure appropriate and timely management of access for Lowe's global operations
• Manages the IAM teams and services to meet customer and business needs by translating ISG strategic plans and business unit plans into actionable plans to drive results
• Executes all IAM key controls for SOX and PCI compliance, including control design, documentation, review, and test support
• Leads direct report and matrixed teams in the integration of new IAM services that include Engineers from Access Certification, role-based access management & Cloud Identity Governance.
• Provides technical leadership and guidance to teams of IAM Engineers responsible for creating, executing, and improving technology, processes, and procedures for Identity & Access Management, security policies, standards and controls creation and management, compliance management, risk management, training, and vulnerability assessment and remediation.
• Leads direct reports and matrixed teams to optimize and deliver IAM services and operational issues that involve integrative thinking, risk and complexity tradeoffs, and require innovative solutions.
• Develops and articulates identity and access risk management strategies that continuously monitor & improve the enterprise security
• Governs and continually improves processes/procedures that focus on risk-based access controls, provides the least allowable access required for business operations

• Bachelor's Degree - Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field (or equivalent work or military experience in a related field)
• 10+ Years of IT experience with a broad range of exposure to all aspects of business/system planning, analysis, and application development
• 3 Years Experience leading project or technical teams with or without formal direct report responsibility; this includes experience providing technical direction, thought leadership, coaching, and mentoring to team members
• 4 Years of Experience with information security tools, concepts, and practices
• Familiarity with multi-platform technology environments and their operational/security considerations
• Experience managing projects and project resources to meet goals on simultaneous/multiple projects
• Experience in a security role focused on IAM (specific to Identity & Access Management role)

• Master's degree - Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field
• Relevant information security certifications (e.g., CISSP, CISM, CEH, PCI ISA, CRISC, CISA, OSCP)
• Experience in a PCI/Retail technology environment
• Leadership experience with direct report responsibility
• Experience leading global teams
• Broad knowledge of infrastructure
• Experience working with at least one major IAM technology platform such as CA, Okta, SailPoint, ForgeRock, Oracle, or Microsoft (specific to Identity & Access Management role)
• Experience with IAM technologies and vendor platforms such as CA, SailPoint, Okta, SSO, MFA, IGA, Microsoft Azure AD and O365, Google Cloud (specific to Identity & Access Management role)
• Experience in one or more of the following fields: technical, security or privacy education/training, information security
• Advanced knowledge of core Information Security concepts related to Threat and Vulnerability Management or Offensive security testing (specific to Security Threat & Vulnerability role)

• Associates are required to relocate to the Charlotte region to foster collaboration and facilitate improved testing and support.
• Lowe's supports a Flex Office concept where in-person work is required two days per week at the Charlotte Tech Hub.
• Most business meetings are planned around the Eastern time zone.