Senior Lead Information Security Engineer - Information Assurance

About Lumen

Lumen connects the world. We are igniting business growth by connecting people, data and applications – quickly, securely, and effortlessly. Together, we are building a culture and company from the people up – committed to teamwork, trust and transparency. People power progress.

We’re looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future.

The Role

The Senior Lead Information Security Engineer is an essential member of the Industrial Security team, responsible for implementing the Risk Management Framework for systems that support public sector managed services clients. 

Candidates must possess a thorough understanding of Public Sector Information Assurance and Compliance Laws, Directives, Policy, Frameworks, Guidance, cyber threats, and security technologies crucial for network protection. They should demonstrate an ability to collaborate effectively in developing strategies and provide advice on advanced security topics pertinent to public sector mandates. Outstanding oral and written communication skills, along with experience in presenting technical issues to a diverse range of audiences, are essential. 

Location

This is a remote position open to candidates based anywhere in the US

The Main Responsibilities

• Serve as ISSM for systems accredited under FedRAMP and FISMA. 
• Advise senior management (e.g., Industrial Security manager and director) on risk and security status. 
• Collect and manage cybersecurity reporting data. 
• Identify and implement necessary security improvements. 
• Oversee cybersecurity inspections and assessments. 
• Integrate cybersecurity needs into continuity planning. 
• Participate in Change Control Board reviews to ensure baseline security safeguards are enforced during development. 
• Implement effective security strategies to achieve organizational goals. 
• Evaluate how new technologies affect the IT security program. 
• Assess noncompliance trends to determine their impact on cybersecurity risk and effectiveness. 
• Monitor information security data sources to maintain organizational awareness. 
• Conduct information security risk assessments as part of the Security A&A process. 
• Help update cybersecurity plans and requirements. 
• Develop and maintain security procedures and guidance for network operations. 
• Provide cybersecurity requirements for statements of work and procurement documents. 
• Coordinate prompt corrective actions for cybersecurity incidents or vulnerabilities.
• Track audit findings and ensure timely remediation. 
• Develop and enforce cybersecurity policies and implementation strategies. 
• Identify security requirements for IT systems at every life cycle stage. 
• Establish remediation plans for vulnerabilities found during risk assessments, audits, or inspections. 
• Implement security policies and procedures that support organizational goals. 
• Oversee compliance with security configuration guidelines and support ongoing monitoring processes. 
• Routinely verify system compliance with applicable policies and regulations. 
• Stay current with relevant laws and compliance frameworks, and provide expert guidance to the organization.

What We Look For in a Candidate

Required Skills: 

• Meticulous attention to detail.
• Verbal and written communication skills.
• Solving complex, nuanced problems.
• Exhibit the Lumen 8 behaviors: teamwork, trust, transparency, clarity, courage, customer focus, growth mindset, and respect. 

Education and Experience: 

• Master’s degree in information assurance or a related field in Governance, Risk, and Compliance (GRC), or equivalent professional experience.
• A minimum of 10 years of pertinent experience in information assurance is required.
• Possesses extensive expertise in the administration, design, and implementation of security controls, including proficiency in applying methodologies and principles across all levels of security. 
• Strong oral and written communication skills, collaboration abilities, and experience presenting technical issues to both management and non-technical staff.
• Must have current relevant certifications like CISSP, CGRC, CISM, CISA, GSLC, Security+, PMP or CAPM.
• Proficient in technology, tools, and process management pertaining to Governance, Risk, and Compliance (GRC). 
• Broad knowledge of current and emerging technologies in enterprise architecture, focusing on cloud-native infrastructure within a managed services organization. 

Security Requirements:

• US citizenship required. 
• The capability to meet the suitability requirements for a GSA public trust position is required. 

Compensation

This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors.

Location Based Pay Ranges:

$129,639 - $172,852 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY.
$136,121 - $181,494 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI.
$142,603 - $190,137 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA.

#GSS

Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process.

Learn more about Lumen's:

• Benefits
• Bonus Structure

What to Expect Next

#LI-JS1

Requisition #: 338691

Background Screening

If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page. Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Equal Employment Opportunities

We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.

Disclaimer

The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions.

In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.

Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name.