Security Assurance Manager

---

Job description

About LumenLumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With 450,000 route fiber miles serving customers in more than 60 countries, we deliver the fastest, most secure global platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about Lumen's network, edge cloud, security and communication and collaboration solutions and our purpose to further human progress through technology at news.lumen.com, LinkedIn: /lumentechnologies, Facebook: /lumentechnologies, and YouTube: /lumentechnologies.The RoleSecurity Assurance Managers (SAM) are dedicated Information Security resources assigned to large enterprise customers and function as a security overlay for Lumen managed services. They act as a trusted advisor on security governance and best practice and work with the technical, service and project management teams to ensure a client's services are delivered in accordance with the security requirements.SAMs are the primary Information Security contact within our service management team and these specialists are experts with multiple years' experience in providing security services.SAMs liaise with the managed security services team to advise, analyse and resolve issues across any installed security solutions.They review/advise/consult on existing and future security controls and through regular auditing and reporting seek out ways to enhance the security posture, leveraging both technical and administrative controls to achieve this goal. A SAM will aim to remove risk and therefore plays a key role in system patching, hardening and vulnerability management as well as monitoring the threat landscape and applying that knowledge to the customer's infrastructure.The Main ResponsibilitiesThe position is for a Security Assurance Manager (Architect SE - Security). This is to be a person dedicated to specific client/clientsShould be effective within customer-facing environment, set and manage expectations with client stakeholders and team membersDemonstrated ability to make and take responsibility for decisions on major technical issuesThorough knowledge and experience of security standards and best practices, and the ability to perform security architecture analysisAble to leverage Open-Source Threat intelligence (OSINT) and apply that to a customer's environmentProactive review, monitoring and remediation of security threats and vulnerabilitiesDevelop and maintain security profiles, policies and proceduresProactive service evolution recommendationsCustomize and configure technical security controls.Review/advise/consult on vulnerability scanning output, and steer remediation/mitigation activitiesDevelop, optimise, and review firewall rulesSet and implement security standards across business unitExcellent communication and presentation skills with the ability to present to a variety of external audiences, including being able to interact with senior executivesExcellent written communicationResilience and ability to handle stressful situations effectively while managing several tasksCommunicate with the client regarding pertinent information security issues and provide periodic security posture updatesAbility to work within a defined change management processAbility to work in a self-directed manner and demonstrate initiativeWhat We Look For in a CandidateFamiliarity with scripting, ability to review and analyse security events and alerts and provide customer with a high level summary of any ongoing or potential threats across the following.Perform Firewall Rules Reviews (expertise in Palo Alto/Cisco ASA Firewalls, Checkpoint or similar platforms).Hands-on experience on Palo Alto modules (IDS/IPS/Wildfire/Site-to-Site VPN support, URL Filtering, Threat Protection: Anti-Virus, Anti-Spyware, Vulnerability Protection, Data Filtering (DLP), QoS, Policy Based Forwarding, SSL Decryption , DoS Protection, Zone Protection, Dynamic Block Lists, Certificate Management, Netflow)Provide knowledge and technical configuration guidance acrossFirewall configurationNetwork and Host based Intrusion Detection/Prevention SystemsNetwork-based Distributed Denial-of-Service (DDoS/Arbor) mitigation servicesLog management services (ie. LogLogic)Threat management servicesThorough understanding of encryption technologies and best practices, such as PKI, IPSec, best practices for encryption of data at rest and in transit, obsolete protocols and ciphersGood understanding of endpoint anti-malware and related reportingAbility to review vendor vulnerability announcements, interpret them and describe the actual risk to the environment using both the CVSS scoring and a risk-based assessmentGood understanding of the security incident response processWork with the managed services teams and research required security patching for Windows, Linux and VMware (ESX) serversPerform OS hardening reviews (Windows/Linux/UNIX) and provide recommendationsMaintain documentation around the various security services and related site-specific procedures.Review and update Security Policies and Procedures on an on-going basis.Requisition #: 257435The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.We are committed to making reasonable adjustments to the recruitment process for people with disabilities. If there is anything we can do to help you, please let us knowWe are committed to providing equal employment opportunities to all persons regardless of race, religion, colour, sex, age, disability or sexual orientation or any other status protected by local or national law. We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. We participate in the A-Check Pre-employment Screening Program or the Electronic Employment Verification Program, depending on location.When applying for an internal role, you must:Have been in your current role, and employed by Lumen, for a minimum of twelve months.Confirm to your Line Manager which role you have applied for.Not have any current disciplinary action recorded against you.Not be on a current performance improvement plan (PIP).