Posted: Tuesday, March 6, 2018 9:04 PM
CenturyLink (NYSE: CTL) is a global communications and IT services company focused on connecting its customers to the power of the digital world. CenturyLink offers network and data systems management, big data analytics, managed security services, hosting, cloud, and IT consulting services. The company provides broadband, voice, video, advanced data and managed network services over a robust 265,000:route:mile U.S. fiber network and a 360,000:route:mile international transport network. Visit CenturyLink for more information.
Job Summary 13;
The Lead Information Security Engineer is a member of the Information Security Governance and Risk team that is responsible for delivering security requirements and coordinating information security risk assessments to ensure compliance with corporate policy, standards, procedures and industry best practices. The engineer will work with project managers and developers to assess the security risks associated with new applications and products; provide security requirements; coordinate vulnerability assessments; and present an overall risk assessment for the project.
The engineer supports the International Business Risk Program by establishing/improving processes to conduct risk assessments on proposed international activities; eliciting business requirements from multiple business stakeholders; converting business requirements to technical requirements and coordinating with project teams; and facilitating meetings with the International Business Risk Review Council (IBRRC), if necessary.
Job Description 13;
:Assess potential risks with new products and services and provide security requirements and recommendations for risk mitigation.
:Architect new information security systems and controls to mitigate emerging threats and risks across the company.
:Consult as security subject matter expert with network architects, engineers, and others on security solutions.
:Ensure reports and findings are delivered in a timely and appropriate manner to management, operations and executive leadership.
:Recommend new security policy, standards, best practices, and system configuration standards. Consult with internal clients on security topics and policy interpretation.
:Analyze requests for exceptions to the Information Security Policy, identify risk mitigation steps that should be taken, and make recommendations to the business for accepting the risks associated with exceptions.
:Test potential security solutions to validate features and functions, partnering with other organizations in the resolution of interoperability issues to obtain successful integration of security solutions across all platforms.
:Understand new laws and regulations and provide consultation, recommendations, and implementation advice to the organization. Make necessary adjustments to the Information Security Policy.
:Coordinate activities across multiple departments and business units. 13;
:Bachelors degree in Computer Science, Engineering, or related field, or 8+ years of equivalent experience.
:Experience in performing security risk assessments and application, system and network security.
:Experience with technologies, tools and process controls to minimize risk and data exposure.
:Experience in network and/or firewall engineering, administration, design and implementation including experience in applying methodologies and principles for all levels of security.
:Must possess, or be willing to pursue, current applicable professional/technical certifications, such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA.
:Strong oral and written communication skills and comfort with presenting technical issues to all levels of management, as well as non:technical staff.
:Must possess broad technical knowledge of current and emerging technologies used both within the corporate infrastructure and in delivering customer facing services. 13;
• Location: Denver
• Post ID: 52767752 denver