LEAD INFORMATION SECURITY ENGINEER

Company: Lumen, formally CenturyLink
Location: Monroe
Posted on: October 15, 2020

Job Description:

About Lumen
Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With 450,000 route fiber miles serving customers in more than 60 countries, we deliver the fastest, most secure global platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about Lumen's network, edge cloud, security and communication and collaboration solutions and our purpose to further human progress through technology at news.lumen.com, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies.The RoleThe Lead Information Security Engineer is a member of the Information Security Governance and Risk team that is responsible for delivering security requirements and coordinating information security risk assessments to ensure compliance with corporate policy, standards, procedures and industry best practices. The Engineer will work with project managers and developers to assess the security risks associated with new applications and products; provide security requirements based on the Information Security Policy; coordinate vulnerability assessments; and present an overall risk assessment for the project.-- Additionally, the Lead Engineer will provide guidance, training, and assistance to junior members.The successful candidate will have broad technical knowledge of current and emerging cyber threats, as well as security technologies and methods used to protect both corporate and customer-facing network infrastructures.-- This candidate must be able to work independently and as a team leader to develop and execute strategies and consult with internal clients on advanced security topics, providing designs, reviews, and recommendations in compliance with corporate policy, standards, procedures, and industry best practices.--The Main Responsibilities--

• Assess potential risks with new applications and products and provide security requirements and recommendations for risk mitigation to help the business succeed with their projects.
• Architect new information security systems and controls to mitigate emerging threats and risks across the company.
• Consult as security subject matter expert with network architects, engineers, and others on solutions to security problems.
• Ensure reports and findings are delivered in a timely and appropriate manner to management, operations and executive leadership.
• Assess operational business processes to identify opportunities to integrate security risk assessments for greatest impact.
• Recommend new security policy, standards, best practices, and system configuration standards. Consult with internal clients on security topics and policy interpretation.
• Analyze requests for exceptions to the Information Security Policy, identify risk mitigation steps that should be taken, and make recommendations to the business for accepting the risks associated with exceptions.
• Proactively identify higher risk areas of the corporate and carrier infrastructure for assessment.
• Work with Product Development on new security-related product offerings and services for customers.
• Coordinate activities across multiple departments and business units.What We Look For in a Candidate--
  • Bachelor's degree in Computer Science, Engineering, or related field, or 8+ years of equivalent experience.
  • Extensive experience in performing security risk assessments and application, system and network security.
  • Experience with technologies, tools and process controls to minimize risk and data exposure.
  • Experience in network and/or firewall engineering, administration, design and implementation including experience in applying methodologies and principles for all levels of security.
  • Must possess, or be willing to pursue, current applicable professional/technical certifications, such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA.
  • Strong oral and written communication skills and comfort with presenting technical issues to all levels of management, as well as non-technical staff.
  • Must possess broad technical knowledge of current and emerging technologies used both within the corporate infrastructure and in delivering customer facing services.Preferred Qualifications:--
    • Knowledge of information security industry and regulatory obligations (ISO 27001/27002, SOX, PCI, NIST Framework, FISMA, FedRAMP, HIPAA, NACHA, SSAE-16 and GDPR).
    • Application development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, PERL, Python, or Java.
    • Knowledge of project management practices.
    • Experience in large Enterprise data centers and/or networks.--Requisition #: 225531EEO Statement
      We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). --We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.Disclaimer
      The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. --Job duties and responsibilities are subject to change based on changing business needs and conditions.
      --

Keywords: Lumen, formally CenturyLink, Monroe , LEAD INFORMATION SECURITY ENGINEER, Engineering , Monroe, Louisiana