Lumen
Overview
The Lead Information Security Engineer is a member of the Industrial Security team supporting Lumen Government Services and is responsible for performing cybersecurity compliance activities in support of government contracts as well as Lumen products and services targeting the Government market. The role requires executing all six phases of the Risk Management Framework (RMF) process in accordance with FISMA, DoD, FIPS, and NIST requirements and policy. Responsibilities include developing RMF documentation (System Security Plan, Security Control Traceability Matrix, Plan of Action & Milestones, various Standard Operating Procedures, Continuous Monitoring Plan, etc.), tracking/resolving vulnerabilities, performing continuous monitoring activities, developing security policies, and supporting cybersecurity guidance and compliance related activities. The Lead Information Security Engineer works closely with Lumen government customers (Federal and State), Lumen government program teams, Lumen operational teams, Lumen security teams, and Lumen Product and Services teams targeting our government customers. A successful candidate will have excellent communications skills and experience presenting cybersecurity issues to a wide variety of audiences. The candidate must be able to work independently and as a team leader to develop and execute strategies. The candidate must possess and maintain a broad technical knowledge of current and emerging technologies used within corporate infrastructure and government customer infrastructure. The Main Responsibilities
Perform as an Information Systems Security Officer (ISSO) for government systems Achieve and maintain Authority to Operate (ATO), as required Write System Security Plans (SSP), Plan of Actions & Milestones (POA&M), Continuous Monitoring Plan, Risk Assessments, Privacy Impact Analyses (PIA), and supporting documentation for systems subject to NIST SP 800-53 Lead Security Assessment and Authorization processes and procedures Manage cybersecurity audits by federal departments/agencies, including third party auditors Develop and complete continuous monitoring reports and briefings Interface with appropriate government agencies, company management and employees, customers, vendors, and suppliers to ensure understanding of and compliance with security requirements Review vulnerability and compliance scan results (Nessus, Qualys, etc.), remediate vulnerabilities, and track ongoing vulnerability status and remediation activities Conduct periodic reviews to ensure compliance with established policies and procedures Investigate and document cybersecurity incidents, and provide protective and corrective measures Report all cybersecurity incidents to the program Information Systems Security Managers (ISSM) through reports and briefings Participate in the change management process to ensure changes to software, hardware, and firmware do not adversely impact security Develop, facilitate, and present information security awareness and training on various customer and corporate security policies Coordinate and participate in business development opportunities related to cybersecurity compliance, including evaluating Requests for Information (RFI) and Requests for Proposal (RFP) from government customers and documenting cybersecurity responses Recommend security best practices and system configuration standards Qualifications
6+ years of experience performing cybersecurity, certification & accreditation (C&A), or assessment & authorization (A&A) related activities Excellent oral and written communication skills, collaboration skills, and experience presenting cybersecurity issues to all levels of management and non-technical staff Strong work ethic, self-starter with the ability to work in a fast-paced, team-oriented environment Uses strong interpersonal skills to build partnerships with stakeholders and peers Ability to successfully complete Government suitability and/or Government personnel security requirements is highly desired Education: Bachelor’s degree or equivalent years of experience Professional cybersecurity certification (CISSP, CISM, GSLC, CCISO) Compensation
This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $103,711 - $138,281 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $108,896 - $145,195 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $114,082 - $152,109 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. #GSS Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We can answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: Benefits (https://jobs.lumen.com/global/en/benefits-statement)
Bonus Structure
What to Expect Next #LI-JS1 Requisition #: 338652 Background Screening and Equal Opportunity
If selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ (https://jobs.lumen.com/global/en/faq). Pursuant to the San Francisco Fair Chance Ordinance, we will consider qualified applicants with arrest and conviction records. Equal Employment Opportunities We are committed to providing equal employment opportunities to all persons regardless of protected statuses. We do not tolerate unlawful discrimination in any employment decisions. Disclaimer The job responsibilities described above indicate the general nature and level of work performed. Duties are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information. Lumen does not require any form of payment from job applicants during recruitment. All legitimate openings will be posted on our official site.
#J-18808-Ljbffr
The Lead Information Security Engineer is a member of the Industrial Security team supporting Lumen Government Services and is responsible for performing cybersecurity compliance activities in support of government contracts as well as Lumen products and services targeting the Government market. The role requires executing all six phases of the Risk Management Framework (RMF) process in accordance with FISMA, DoD, FIPS, and NIST requirements and policy. Responsibilities include developing RMF documentation (System Security Plan, Security Control Traceability Matrix, Plan of Action & Milestones, various Standard Operating Procedures, Continuous Monitoring Plan, etc.), tracking/resolving vulnerabilities, performing continuous monitoring activities, developing security policies, and supporting cybersecurity guidance and compliance related activities. The Lead Information Security Engineer works closely with Lumen government customers (Federal and State), Lumen government program teams, Lumen operational teams, Lumen security teams, and Lumen Product and Services teams targeting our government customers. A successful candidate will have excellent communications skills and experience presenting cybersecurity issues to a wide variety of audiences. The candidate must be able to work independently and as a team leader to develop and execute strategies. The candidate must possess and maintain a broad technical knowledge of current and emerging technologies used within corporate infrastructure and government customer infrastructure. The Main Responsibilities
Perform as an Information Systems Security Officer (ISSO) for government systems Achieve and maintain Authority to Operate (ATO), as required Write System Security Plans (SSP), Plan of Actions & Milestones (POA&M), Continuous Monitoring Plan, Risk Assessments, Privacy Impact Analyses (PIA), and supporting documentation for systems subject to NIST SP 800-53 Lead Security Assessment and Authorization processes and procedures Manage cybersecurity audits by federal departments/agencies, including third party auditors Develop and complete continuous monitoring reports and briefings Interface with appropriate government agencies, company management and employees, customers, vendors, and suppliers to ensure understanding of and compliance with security requirements Review vulnerability and compliance scan results (Nessus, Qualys, etc.), remediate vulnerabilities, and track ongoing vulnerability status and remediation activities Conduct periodic reviews to ensure compliance with established policies and procedures Investigate and document cybersecurity incidents, and provide protective and corrective measures Report all cybersecurity incidents to the program Information Systems Security Managers (ISSM) through reports and briefings Participate in the change management process to ensure changes to software, hardware, and firmware do not adversely impact security Develop, facilitate, and present information security awareness and training on various customer and corporate security policies Coordinate and participate in business development opportunities related to cybersecurity compliance, including evaluating Requests for Information (RFI) and Requests for Proposal (RFP) from government customers and documenting cybersecurity responses Recommend security best practices and system configuration standards Qualifications
6+ years of experience performing cybersecurity, certification & accreditation (C&A), or assessment & authorization (A&A) related activities Excellent oral and written communication skills, collaboration skills, and experience presenting cybersecurity issues to all levels of management and non-technical staff Strong work ethic, self-starter with the ability to work in a fast-paced, team-oriented environment Uses strong interpersonal skills to build partnerships with stakeholders and peers Ability to successfully complete Government suitability and/or Government personnel security requirements is highly desired Education: Bachelor’s degree or equivalent years of experience Professional cybersecurity certification (CISSP, CISM, GSLC, CCISO) Compensation
This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. Location Based Pay Ranges: $103,711 - $138,281 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $108,896 - $145,195 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $114,082 - $152,109 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. #GSS Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We can answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: Benefits (https://jobs.lumen.com/global/en/benefits-statement)
Bonus Structure
What to Expect Next #LI-JS1 Requisition #: 338652 Background Screening and Equal Opportunity
If selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ (https://jobs.lumen.com/global/en/faq). Pursuant to the San Francisco Fair Chance Ordinance, we will consider qualified applicants with arrest and conviction records. Equal Employment Opportunities We are committed to providing equal employment opportunities to all persons regardless of protected statuses. We do not tolerate unlawful discrimination in any employment decisions. Disclaimer The job responsibilities described above indicate the general nature and level of work performed. Duties are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information. Lumen does not require any form of payment from job applicants during recruitment. All legitimate openings will be posted on our official site.
#J-18808-Ljbffr