Lumen
About Lumen
Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With 450,000 route fiber miles serving customers in more than 60 countries, we deliver the fastest, most secure global platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about Lumen’s network, edge cloud, security and communication and collaboration solutions and our purpose to further human progress through technology at news.lumen.com, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies.
The Role
The Manager Information Security Compliance leads the Information Security Compliance and Audit team that is responsible for coordinating and executing a variety of audit controls to ensure compliance with Information Security Policy and industry standards, including Sarbanes-Oxley (SOX), Payment Card Industry (PCI), Federal Information Security Management Act (FISMA), Health Insurance Portability and Accountability Act (HIPAA), FTC Red Flag rules, and NACHA. The Manager Information Security Compliance maintains ownership and control of all US and global audit processes. Directly supports customer inquiries and external audit activities.
Reporting directly to the Manager Information Security, the manager will participate in top-level strategic planning of the Information Security organization’s short, mid and long-range goals. The successful candidate will have experience in leading an auditing staff and possess strong communications skills and experience in presenting issues to a wide variety of audiences. In addition, the manager must possess broad knowledge of current and emerging technologies used both within the corporate infrastructure and in delivering customer-facing services.
The Main Responsibilities
- Manage the Information Security Compliance and Audit program, managing day-to-day performance of the staff.
- Assist the CISO to maintain the Information Security Policy and supporting standards, processes, and best practices, ensuring they are consistent with authoritative sources and corporate strategic objectives.
- Maintain appropriate metrics to measure information security risk to the corporation. Ensure reports and findings are delivered in a timely and appropriate manner to upper management and executive leadership.
- Recruit, hire, train, develop, and supervise the performance of information security professionals in the Compliance and Audit program. Perform employee performance reviews and make compensation recommendations.
- Manage complex projects or audit functions for cross-functional initiatives.
- Manage the compliance program to successful completion each year with the ability to set and manage priorities judiciously.
- Manage project budget within the overall compliance budget.
- Manage vendor relationships and conduct vendor evaluations (or Requests for Proposals) as needed.
- Facilitate compliance with the internal control standards via regular monitoring of related activities.
- Manage the execution of multiple security controls validation programs simultaneously with specific deadlines.
- Oversee improvements to the compliance and audit control processes.
- Document execution of information security controls and any findings during the review cycle.
- Consult with control owners, such as system administrators, database administrators, application owners and others on developing complete and repeatable control processes including control documentation such as procedures, control evidence, narratives, control matrices, metrics reports.
- Maintain an understanding of each compliance standard and implement requirements to satisfy the standards, including adherence to policies, rules and regulations, or laws governing the area reviewed.
- Consult with internal clients on information security topics, providing guidance on compliance with corporate policy, standards, procedures and industry best practices.
- Communicate potential control gaps to management along with suggested remediation.
- Educate and train process owners on compliance obligations.
- Monitor and respond to customer and sales requests for information on various compliance initiatives.
- Identify control deficiencies and/or process inefficiencies and develop process improvements.
- Maintain and monitor progress of remediation steps on identified control deficiencies.
What We Look For in a Candidate
Minimum Qualifications:
- 10+ years of experience managing audit programs and performing controls validation and compliance testing of SSAE 16, AT-101 (SOC 1 / SOC 2), PCI, ISO, HIPAA, Privacy, NACHA, or SOX IT General Computer Controls auditing or similar audit experience.
- Bachelor’s degree in Computer Science, Information Systems, Finance, or related field, or equivalent experience.
- Must possess broad knowledge of current and emerging technologies used both within the corporate infrastructure and in delivering customer-facing services.
- Experience with managed hosting, networking, large-scale IT technology, or data center environments.
- Professional/technical certifications such as CISA, CISSP, GSEC, or CISM or willingness to pursue.
- Excellent organizational, verbal and written communication skills.
- Advanced knowledge of personal computers and related software to include word processing and spreadsheets.
- Ability to travel domestically and internationally. Travel is expected to be less than 25%.
Preferred Qualifications:
- Professional/technical certifications, such as CISA, CISSP, GSEC, or CISM.
- Experience in leading teams of technical personnel.
- Experience in project management practices.
- Experience with compliance/vulnerability tools (e.g., RSA Archer).
What to Expect Next
Based on your job application information you may be given the opportunity to complete a video interview immediately after applying. This will include a set of questions for you to record a response to in addition to Game Challenges. Completion of this video interview is a requirement in order to be considered for our open position. Now not a good time? No worries, we will also send you an email with a link to complete the video interview. We strongly recommend that you complete this within 5 days of your application date.
Requisition #: 264491
EEO Statement
We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.
Disclaimer
The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.
Salary Range
Salary Min: 85230
Salary Max: 189360
This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors.
This position is eligible for either short-term incentives or sales compensation. Director and VP positions also are eligible for long-term incentive. To learn more about our bonus structure, you can view additional information here. (https://jobs.lumen.com/global/en/compensation-information) We’re able to answer any additional questions you may have as you move through the selection process.
As part of our comprehensive benefits package, Lumen offers a broad range of Health, Life, Voluntary Lifestyle and other benefits and perks that enhance your physical, mental, emotional and financial wellbeing. You can learn more by clicking here. (https://centurylinkbenefits.com)
Note: For union-represented postings, wage rates and ranges are governed by applicable collective bargaining agreement provisions.
This information reflects the base salary pay range for this job based on current national market data. Ranges may vary based on the job’s location. We offer competitive pay that varies based on individual experience, qualifications and other relevant factors. We encourage you to apply to positions that you are interested in and for which you believe you are qualified. To learn more, you are welcome to discuss with us as you move through the selection process.