Sr Analyst, Information Security - (Offensive Security)

Do your Best Work in Mooresville

This position is based at our headquarters in Mooresville, North Carolina. Our corporate office is a space where you can collaborate and do your best work. Take a walk, grab a bite (or a cup of coffee), work out or get a check-up - we invest in you so you can find your inspiration.

Your Impact
The primary purpose of this role is to lead the implementation and ongoing delivery of information security tools and processes. This includes responsibility for creating, executing, and improving processes and procedures with limited direct guidance from more senior-level security associates. This role solves complex problems while creating and optimizing processes and often takes a lead role in implementing new services and technologies. This role requires a strong understanding of most tools and processes supported by the team, including many of the key integration points with other parts of technology, works mostly independently, and provides coaching and direction to more junior-level associates.

As a Senior Analyst of Offensive Security, you will conduct advanced penetration tests and red team assessments across our applications, networks, and systems. You will collaborate with cross-functional teams to analyze security vulnerabilities and provide actionable recommendations for remediation.

• Analyze data to detect trends, determine metrics, assess adherence to processes, and make recommendations. And present results to information security and business leaders and/or vendors.
• Serve as an escalation point and mentor for junior staff.
• Maintain an awareness of information security news and trends and research current technologies to assist in the development of new capabilities.
• Consolidate security-related findings, track OKRs, and present results to information security and business leaders and/or vendors.
• Translate and document business needs into technical requirements and solutions.
• Advise users and team members on the execution of processes, interpret standards and regulations, and assist with solutions.
• Design, develop, and maintain custom offensive tooling, including loaders, droppers, malware implants, in-memory execution frameworks, and covert initial access payloads across Windows, Linux, macOS, and cloud-native platforms.
• Engineer advanced evasion techniques in code, such as syscall stealth, ntdll unhooking, memory laundering, behavioral model evasion, encrypted tasking channels, and dynamic API resolution to defeat modern AI-driven EDR/EDX systems.
• Plan and execute full-scope red team and adversary emulation engagements, targeting on-prem, cloud, and hybrid environments while maintaining strong operational security and stealth.
• Reverse engineer defensive mechanisms and modify offensive code to adapt to new detection models, platform protections, and telemetry changes-ensuring tooling remains effective across diverse modern environments.
• Create reusable internal offensive libraries, including process injection modules, PE/ELF parsing routines, shellcode loaders, encryption wrappers, and cloud identity attack primitives.
• Prototype, test, and validate new malware techniques in isolated research environments; document behaviors, measure detection surfaces, and integrate promising approaches into operational tooling.
• Manage and maintain resilient C2 infrastructures-including redirectors, covert channels, and multi-transport communication layers-to emulate sophisticated APT frameworks and tradecraft.
• Develop, enhance, and standardize offensive testing methodologies, ensuring alignment with current threat landscapes, evolving attacker TTPs, and industry-leading best practices (MITRE ATT&CK, NIST, etc.).
• Analyze engagement results and produce clear, actionable reporting, effectively communicating technical findings, attack paths, and remediation recommendations to both technical stakeholders and executive leadership.
• Promote a culture of collaboration, knowledge sharing, and continuous skill development within the offensive security team.
• Continuously research emerging threats, attack vectors, and defensive advancements, integrating relevant discoveries into future red team operations and tooling.
• Support improvements to security posture by contributing insights to security policy updates, defensive control enhancements, and incident response strategies based on observed weaknesses and real-world attack patterns

• Bachelor's degree in computer science, computer information systems, engineering, business administration, cybersecurity, or related field, or equivalent years of experience in lieu of education requirement, if applicable
• 4 years of experience in information security
• 2-4 years of experience developing malware techniques and designing preventative measures.

• IT experience in the retail industry
• Hands-on experience on GRC applications & TPRM tools (e.g., Archer, LogicGate, SAP GRC, OneTrust, ProcessUnity, ServiceNow, BitSight, Prevalent, Black Kite, etc.)
• Experience with vulnerability identification & penetration testing tools
• Experience with vulnerability management in public/hybrid cloud environments.
• Experience with IAM technology implementation and operations (e.g., CA, SailPoint, OKTA, SSO, MFA, IGA, Microsoft AD) (specific to IAM role)
• Experience developing cybersecurity or information assurance policies, standards, awareness training, or equivalent issuances (specific to Security GRC role)
• Payment Card Industry Internal Security Assessor (PCI ISA)
• Certified in Risk and Information Systems Control (CRISC)
• Offensive Security Certified Professional (OSCP)
• GIAC Penetration Tester Certification (GPEN)
• Practical Network Penetration Tester (PNPT)
• eLearnSecurity Certified Professional Penetration Tester (eCPPT)
• Certified Third-Party Risk Professional (CTPRP)
• Certified Third Party Risk Assessor (CTPRA)
• CompTIA PenTest+ Certification
• Or other relevant information security certifications

• Associates are required to relocate to the Charlotte region to foster collaboration and facilitate improved testing and support.
• Lowe's supports a Flex Office concept where in-person work is required three days per week at the Charlotte Tech Hub
• Most business meetings are planned around the Eastern time zone.