Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With 450,000 route fiber miles serving customers in more than 60 countries, we deliver the fastest, most secure global platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about Lumen’s network, edge cloud, security and communication and collaboration solutions and our purpose to further human progress through technology at news.lumen.com, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies.
The Information Security Engineer II is a member of the Information Security Governance and Risk team that is responsible for delivering security requirements and coordinating information security risk assessments to ensure compliance with corporate policy, standards, procedures and industry best practices. The engineer will assist with the assessment of security risks associated with new applications and products; provide security requirements based on the Information Security Policy; coordinate vulnerability assessments; and present an overall risk assessment for the project.
The successful candidate will have broad technical knowledge of current and emerging cyber threats, as well as security technologies and methods used to protect both corporate and customer-facing network infrastructures. This candidate must be able to work as a team member to consult with internal clients on security topics, providing designs, reviews, and recommendations in compliance with corporate policy, standards, procedures, and industry best practices.
The Main Responsibilities
- Assist in the assessment of potential risks with new applications and products and provide security requirements and recommendations for risk mitigation to help the business succeed with their projects.
- Assist in assessing new security technologies and recommend possible implementation strategies.
- Ensure reports and findings are delivered in a timely and appropriate manner to management.
- Recommend new security policy, standards, best practices, and system configuration standards. Consult with internal clients on security topics and policy interpretation.
What We Look For in a Candidate
- Bachelor’s degree in Computer Science, Engineering, or related field, or 5+ years of equivalent experience.
- Candidate must possess, or be willing to pursue, applicable professional/technical certifications, such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA.
- Strong oral and written communication skills and comfort with presenting technical issues to all levels of management, as well as non-technical staff.
- Broad technical knowledge of current and emerging technologies used both within the corporate infrastructure and in delivering customer facing services.
- Experience in performing security risk assessments and application, system, and network security.
- Knowledge of information security industry and regulatory obligations (ISO 27001/27002, SOX, PCI, NIST Framework, FISMA, FedRAMP, HIPAA, NACHA, and SSAE-16).
- Experience in network and/or firewall engineering, administration, design and implementation including experience in applying methodologies and principles for all levels of security.
- Experience with technologies, tools and process controls to minimize risk and data exposure.
- Application development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, PERL, Python, or Java.
- Knowledge of project management practices.
- Experience in large Enterprise data centers and/or networks.
Requisition #: 231251
The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.
We are committed to making reasonable adjustments to the recruitment process for people with disabilities. If there is anything we can do to help you, please let us know
We are committed to providing equal employment opportunities to all persons regardless of race, religion, colour, sex, age, disability or sexual orientation or any other status protected by local or national law. We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. We participate in the A-Check Pre-employment Screening Program or the Electronic Employment Verification Program, depending on location.
When applying for an internal role, you must:
● Have been in your current role, and employed by CenturyLink, for a minimum of twelve months.
● Confirm to your Line Manager which role you have applied for.
● Not have any current disciplinary action recorded against you.
● Not be on a current performance improvement plan (PIP).