Sr Analyst, Information Security

Your Impact

The Senior Security Analyst, Strategy & Transformation serves as a strategic change catalyst within the Office of the CISO, combining management consulting expertise with creative problem-solving skills to drive cybersecurity transformation across Lowe's.

This role partners with security leadership to drive strategic initiatives that drive adoption and behavioral change across Lowe's. Through strategic thinking, process design, stakeholder engagement, and innovative approaches to complex challenges, this position ensures security initiatives achieve measurable business impact while supporting executive decision-making and organizational alignment.

What You Will Do:

• Serve as a strategic advisor supporting executive visibility requirements through creative problem-solving, visual strategy development, and compelling narrative creation for high-impact initiatives.
• Design and execute comprehensive change management strategies that drive behavioral transformation across IT and business units, ensuring sustainable adoption of security practices, technologies, and compliance requirements.
• Create executive-quality presentations, dashboards, and strategic communications that support decision-making and provide clear visibility into security initiative progress, risk posture, and compliance outcomes.
• Develop innovative digital assets, visual content, and creative materials that support security awareness campaigns, executive reporting, and stakeholder engagement initiatives.
• Serve as a strategic advisor for cybersecurity transformation initiatives, applying management consulting methodologies to solve complex organizational challenges and drive adoption of critical security services.
• Facilitate executive stakeholder conversations to gather requirements, build organizational buy-in, and align security initiatives with business objectives.
• Partner with security services teams to help them think strategically about adoption strategies and stakeholder messaging without directly managing their operations.
• Lead cross-functional workshops and design sessions to identify process improvement opportunities.
• Support security awareness initiatives by translating complex compliance requirements into actionable frameworks and engaging educational content that drives organizational understanding and adherence.

• Bachelor's degree in business administration, computer science, engineering, or related field, or equivalent work experience in lieu of a degree.
• 5-7 years of experience in strategy consulting, change management, or business transformation roles with exposure to cybersecurity or technology initiatives.
• Proven ability to influence and engage C-suite executives through compelling presentations and strategic conversations.
• Advanced proficiency in presentation and design tools with demonstrated ability to create professional executive-level materials and compelling visual storytelling that supports strategic initiatives.
• Strong understanding of cybersecurity principles, risk management concepts, and governance frameworks beyond entry-level theory, with the ability to grasp technical concepts and translate them for diverse audiences.
• Experience designing and implementing change management strategies within large, complex organizations with regulatory or compliance requirements.
• Exceptional written and verbal communication skills with the ability to craft compelling narratives and adapt messaging for diverse audiences, from developers to executives.

• MBA preferred, especially with a technical undergraduate background.
• Big 4 consulting experience (Deloitte, PwC, EY, KPMG) with cybersecurity or technology transformation exposure.
• Change management certification (Prosci, Kotter, etc.) or relevant industry certifications.
• Knowledge of security frameworks (NIST, ISO 27001, etc.), regulatory requirements, and governance principles with experience translating compliance needs into actionable business strategies.
• Experience with Fortune 500 technology transformation initiatives, security program implementation, or GRC program development.
• Video production, digital marketing, multimedia content creation, and creative storytelling experience.
• Prior experience engaging with developer communities, large technical audiences, or compliance-focused stakeholder groups.
• Familiarity with security service delivery models and governance processes.

• Associates are required to relocate to the Charlotte region to foster collaboration and facilitate improved testing and support.
• Lowe's supports a Flex Office concept where in-person work is required two days per week at the Charlotte Tech Hub.
• Most business meetings are planned around the Eastern time zone.