We have an immediate opening for a Lead Information Security Engineer to coordinate and evaluate information security risk assessments. The Engineer will assess risks associated with information security for both current and proposed projects. The Lead Information Security Engineer will coordinate risk assessments from other groups and present an overall risk assessment for the project. This person will also architect new information security systems and controls to mitigate emerging threats and risks across the company. The Lead Information Security Engineer will work with product to develop new security related product offerings and services for customers.
The Lead Information Security Engineers could also perform electronic forensic evaluations and fulfill electronic legal discovery requests for sensitive investigations, data breaches and lawsuits. This position requires a high level of organizational trust handling sensitive corporate information and may require a government security clearance.
Activities include proactively identifying higher risk areas of the corporate and carrier infrastructure for assessment; developing threat models and other assessment tools ; ensuring reports and findings are delivered in a timely and appropriate manner to risk management, operations and business leadership, and identifying and integrating risk assessment with key business processes to enable info security risk communication skills and experience in presenting technical issues to a wide variety of audiences. In addition must possess broad technical knowledge of current and emerging technologies used both within the corporate infrastructure and in delivering customer facing services. The Lead Information Security Engineer will coordinate activities across multiple departments and business units plus be able to understand business requirements and help the business success with their projects.
The Lead Information Security Engineer will have additional responsibilities to consult as subject matter expert across the company with network architects, engineers and others on solutions; work independently and as lead to develop and execute strategies; mentor/coach others; and consult with internal clients on security topics providing designs, reviews and recommendations in compliance with corporate policy, standards, procedures and industry best practices.
Preferred Job Qualifications:
- Eight to ten years of experience in application, system, network and/or firewall engineering, administration, design and implementation including experiences in applying methodologies and principles for all levels of security, (Network Security Engineer Requirements).
- Strong application development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, or Java, (Application Security Engineer Requirements).
- Experience in using security assessment tools for network, application, and database security assessment areas.
- Undergraduate degree in Computer Science, Electrical Engineering, Systems Engineering or related field or equivalent experience.
- Applicable professional/technical certifications should be in place or candidate must be willing to pursue.
- Excellent verbal and written communication skills.
- Professional/technical certifications such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA.
- Implementation knowledge of ISO 27000.
- Experience with technologies, tools and process controls to minimize risk and data exposure.
CenturyLink is an industry-leading provider of communications, high speed Internet and entertainment services from coast to coast. Our combination of business and residential service solutions – including home and wireless voice solutions and digital television – provide innovative solutions to our customers. CenturyLink is proud to be a participant in the U.S. General Services Administration Networx program, the largest communications services contract in the world. CenturyLink offers you the opportunity to develop and cultivate your career as we lead the communications industry into the future.
The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.
CenturyLink - 2 years ago
copy to clipboard
CenturyLink is the third largest telecommunications company in the United States and is recognized as a leader in the network services...