Principal Engineer, Network Security

Your Impact
The Principal Security Engineer is a technical and strategic leader responsible for designing, implementing, and improving security solutions that safeguard the organization's critical infrastructure, data, and applications. This role influences business and technology decisions by providing expert guidance on security architecture, risk management, and regulatory compliance. The Principal Security Engineer serves as a subject matter expert across multiple security domains, helping to identify and resolve architectural, operational, and design deficiencies in security solutions. This role collaborates closely with IT, development, risk management, and executive leadership to align security initiatives with business objectives. While this role does not directly manage people, it requires mentoring, training, and guiding technical teams to enhance security capabilities across the organization.
What You Will Do

• Serve as a technical visionary and advocate for security, designing scalable, repeatable, and dependable security services and educating stakeholders across the enterprise.
• Work closely with senior leaders to influence security strategy and align technical execution with business objectives. Translate senior security leadership's strategic vision into actionable technical roadmaps and execution plans.
• Ensure that security services integrate seamlessly with business operations and provide minimal disruption to associates and customers.
• Lead the end-to-end technical execution of security solutions, ensuring long-term sustainability and scalability. Develop and advocate for security solutions that enhance, rather than hinder, the user experience for associates, providers, and customers.
• Develop frameworks, automation, efficiency improvements, and tooling to enhance security capabilities without introducing unnecessary complexities or operational bottlenecks.
• Partner with security architecture teams to ensure alignment between security patterns, technical execution, and enterprise protection strategies.
• Consult with governance, risk, and compliance to ensure security services meet regulatory and compliance requirements.
• Contribute to the development of security policies, standards, and procedures that guide security engineering best practices.
• Identify and implement security controls that balance compliance needs with operational efficiency.
• Work closely with the technology operations team to ensure security solutions are easily maintainable, resilient, and scalable.
• Act as a mentor and coach for engineers to upskill teams and foster a culture of continuous learning. Provide technical guidance and leadership to engineering teams to develop next-generation security solutions.
• Drive engineering excellence by promoting best practices, conducting peer reviews, and fostering a culture of technical rigor.
• Lead cross-functional collaboration with security, IT, and product teams to integrate security seamlessly into the development lifecycle.
• Stay ahead of emerging security trends, identifying opportunities to enhance the organization's security posture through innovation.

Minimum Qualifications

• Bachelor's Degree in computer science, computer information systems, engineering, business administration, cybersecurity, or related field or equivalent work or military experience in a related field in lieu of degree
• 10 years of experience in information security
• 8 years of experience with information security applications and systems
• 8 years of experience evaluating complex application and hosting environments to identify potential weaknesses and provide remediation plans to reduce risk
• 8 years of experiencing designing complex application and infrastructure systems

Preferred Skills/Education

• IT experience in the retail industry
• CISSP Certified Information Systems Security Professional
• CISM - Certified Information Security Manager
• Certified Ethical Hacker (CEH)
• PCI (PCI Internal Security Assessor)
• CRISC (Certified in Risk and Information Systems Control)
• Certified Information Systems Auditor (CISA)
• OSCP (OffSec Certified Professional)
• GPEN (GIAC Penetration Tester Certification)

About Lowe's
Lowe's Companies, Inc. (NYSE: LOW) is a FORTUNE® 100 home improvement company serving approximately 16 million customer transactions a week in the United States. With total fiscal year 2024 sales of more than $83 billion, Lowe's operates over 1,700 home improvement stores and employs approximately 300,000 associates. Based in Mooresville, N.C., Lowe's supports the communities it serves through programs focused on creating safe, affordable housing, improving community spaces, helping to develop the next generation of skilled trade experts and providing disaster relief to communities in need. For more information, visit Lowes.com.
Lowe's is an equal opportunity employer and administers all personnel practices without regard to race, color, religious creed, sex, gender, age, ancestry, national origin, mental or physical disability or medical condition, sexual orientation, gender identity or expression, marital status, military or veteran status, genetic information, or any other category protected under federal, state, or local law.