BroomfieldRecruiter Since 2001
the smart solution for Broomfield jobs

Sr Information Security Engineer - Vulnerability Management

Company: CenturyLink
Location: Broomfield
Posted on: June 11, 2019

Job Description:

CenturyLink (NYSE: CTL) is a global communications and IT services company focused on connecting its customers to the power of the digital world. CenturyLink offers network and data systems management, big data analytics, managed security services, hosting, cloud, and IT consulting services. The company provides broadband, voice, video, advanced data and managed network services over a robust 265,000-route-mile U.S. fiber network and a 360,000-route-mile international transport network. Visit CenturyLink for more information.

Job Summary

The Senior Information Security Engineer on the Cybersecurity Vulnerability Assessment Services (CVAS) team within Enterprise Security is primarily responsible for identifying, establishing, enhancing, and performing operational functions of vulnerability management. Operational functions include establishing and maintaining scanning capabilities, identifying vulnerabilities through scanning capabilities, and providing remediation oversight of vulnerabilities on CenturyLink servers, databases, applications, network elements, and other systems across the corporate enterprise. The engineer is responsible to assist with realizing strategic security initiatives to improve the team capabilities associated with vulnerability management and vulnerability scanning methodology. The engineer will conduct penetration testing on a limited basis to assist the CVAS team penetration testers and to advance penetration testing skills.

The engineer must possess general knowledge of cybersecurity threats, vulnerabilities, and technologies. The engineer must possess broad knowledge of Information Security and Information Technology (IT) systems as well as a reasonable understanding in all disciplines of networking, programming, application development and system administration. The engineer must have effective oral and written communication skills to provide remediation oversight of vulnerabilities, document team procedures and processes, and assist with documents intended for executive review and approvals. The engineer must be able to work independently, as well as collaboratively with others, to foster consulting with internal partners

Job Description


  • Represent Corporate Security as a Subject Matter Expert (SME) regarding CenturyLink vulnerability scanning capabilities and methodologies.
  • Oversee the response to High severity vulnerabilities that impact CenturyLink systems by analyzing the vulnerabilities, identifying systems impacted, and collaborating with system owners to communicate the risk of vulnerabilities, establish remediation priority, and validate remediation efforts.
  • Coordinate and lead routine vulnerability scanning and remediation oversight on CenturyLink systems as required for compliance of Payment Card Industry Data Security Standard (PCI DSS), Federal Information Security Management Act (FISMA), Health Insurance Portability and Accountability Act (HIPAA), and other industry compliance standards as necessary.
  • Identify vulnerabilities on CenturyLink systems through vulnerability scanning for CenturyLink infrastructures, products, and services encompassing network elements, operating systems, databases, and applications across the corporate enterprise.
  • Contribute to realize strategic security initiatives to improve vulnerability management and vulnerability scanning capabilities through automation development, processes enhancements, and infrastructure expansion.
  • Create reports and generate vulnerability metrics for executive management levels to utilize in making informed business decisions that impact the security of CenturyLink and its customers.
  • Perform operational support of vulnerability management systems and applications that the CVAS team is responsible to maintain and define documented procedures and processes.
  • Conduct penetration testing on a limited basis to assist the CVAS team penetration testers.
  • Identify deficiencies within vulnerability management and vulnerability scanning tools, procedures, and processes and provide recommendations for improvement.
  • Contribute to develop, facilitate, and maintain the Information Security Policy, Methods & Procedures, Technical Standards, Technical Best Practices, and general processes for vulnerability management.
  • Instill a security culture company-wide through vulnerability awareness and remediation mindset.


    Qualifications


    • Undergraduate degree in Information Security, Computer Science, Computer Engineering, or related field, or equivalent experience.
    • 2+ years' experience in Information Security; or 1+ years with a Master's degree and relevant work experience.
    • Applied experience performing vulnerability scanning and vulnerability management functions for medium to large enterprises.
    • Experience utilizing multiple vulnerability scanning tools and platforms.
    • Knowledge of current and emerging cybersecurity threats, vulnerabilities, and technologies.
    • Awareness of NIST Vulnerability Database pertaining to vulnerability severity ratings.
    • Basic knowledge of programing languages such as C/C++, C#, VB.NET, ASP, PHP, PERL, Python, Java, Assembly, UNIX Shell, Microsoft PowerShell, or other programming language.
    • General understanding of common networking protocols.
    • General understanding and experience of UNIX derivative operating system distributions as well as various Windows operating systems.
    • Effective oral and written communication skills and comfort with presenting technical issues to all levels of management, as well as non-technical staff.
    • Applicable professional certification encompassing multiple foundational security domains must be in place, such as CISSP, GSEC, GCED, or Security+.


      Preferred Qualifications:


      • Master's degree in Computer Science, Engineering, related field, or equivalent experience.
      • 2+ years of experience performing vulnerability scanning full time in a large enterprise environment encompassing network elements/protocols, operating systems, databases, and applications including systems in scope for a compliance standard.
      • Applied experience performing penetration testing.
      • Applied experience with OWASP Top 10, SANS Top 20, and NIST Vulnerability Database.
      • Applied experience in application development utilizing C/C++, C#, VB.NET, ASP, PHP, PERL, Python, Java, Assembly, UNIX Shell, Microsoft PowerShell, or other programming language.
      • Experience as a network/firewall engineer, administrator, designer, implementer, or support technician with technologies, tools, and process controls to minimize risk and data exposure.
      • Awareness of information security industry and regulatory obligations (PCI, FISMA, HIPAA, ISO 27001/27002, NIST Framework) pertaining to vulnerability management.
      • Applicable specialized professional certification in the domain of vulnerability assessments or penetration testing, such as CEH, GPEN, GWEB, or OSCP.
      • Possesses a US Government Secret (or higher) security clearances.


        Alternate Location: US-Colorado-Broomfield; US-Colorado-Denver; US-Colorado-Littleton; US-Kansas-Gardner; US-Kansas-New Century; US-Louisiana-Monroe

        Requisition #: 212352

        This job may require successful completion of an online assessment. A brief description of the assessments can be viewed on our website at http://find.centurylink.jobs/testguides/

        EEO Statement

        We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.

        Disclaimer

        The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.

Keywords: CenturyLink, Broomfield , Sr Information Security Engineer - Vulnerability Management, Executive , Broomfield, Colorado

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Other Executive Jobs


Rocky Mountain Regional Territory Manager
Description: Trident Steel Corporation has been a mid-con stocking distributor of OCTG and line pipe since 1978 and we are
Company: Trident Steel Corporation
Location: Denver
Posted on: 06/19/2019

Digital Marketing and Analytics Manager
Description: At Cake, we understand that running a business is hard work, but insuring a business shouldn't be. Cake is a digital solution that makes it easy for small business owners to buy and manage workers' comp (more...)
Company: Pinnacol Assurance
Location: Denver
Posted on: 06/19/2019

Product Manager
Description: Job DescriptionPosition:--Product ManagerDivision:--Denver, CO or Hailey, IDDepartment:--Product ManagementReports to:--Director of Product Management About Marketron:Marketron is the leading provider (more...)
Company: Marketron
Location: Denver
Posted on: 06/19/2019


Outside Sales/Route Sales Manager - Full Training
Description: Build a Great Career and a Great Life. Sales job title: Outside Sales/Route Sales Manager Full TrainingFeel the freedom independence of managing your
Company: Mac Tools
Location: Littleton
Posted on: 06/19/2019

Desking Manager
Description: Job DescriptionDesking Manager br br What's your ambition br br ul br li To be a part of something that's redefining an industry br br li Career paths with opportunities to learn (more...)
Company: AutoSource Motors
Location: Windsor
Posted on: 06/19/2019

Office Manager II - Block Advisors
Description: Office Manager II - Block Advisors Seeking retail office managers eager to advance their career by accelerating our seasonal business and a leading dynamic team of tax advisor professionals to deliver (more...)
Company: H&R BLOCK
Location: Westminster
Posted on: 06/19/2019

Senior Manager, Regulatory Affairs
Description: Job Description Senior Manager, Regulatory Affairs Date: May 23, 2019 Location: Lakewood, CO, US Company: Terumo BCT, Inc. Requisition ID: 23181 Develops objectives and plans for major portions of the (more...)
Company: TerumoBCT, Inc.
Location: Lakewood
Posted on: 06/19/2019

Community Manager
Description: Location: Johnstown, Colorado, 80534, United StatesJob ID: 49016309Position Title: Community ManagerCompany Name: Continental Properties is looking for an accomplished and driven lease-up Community Manager (more...)
Company: Continental Properties
Location: Johnstown
Posted on: 06/19/2019

Retail Manager - Northglenn, CO
Description: Retail Manager - Northglenn, CO Overview Why should the next step in your retail career be with a restaurant company Because we are the best kept secret in retail We wouldn't be Cracker Barrel Old Country (more...)
Company: Cracker Barrel
Location: Denver
Posted on: 06/19/2019

Admissions Assistant Director - Chicago Regional
Description: Requisition Number: 18526 Location: Chicago, IL Employment Type: University Staff Schedule: Full-Time Posting Close Date: 23-Jun-2019 Close All Job Summary The Office of Admissions welcomes applications (more...)
Company: University of Colorado Boulder
Location: Boulder
Posted on: 06/19/2019

Log In or Create An Account

Get the latest Colorado jobs by following @recnetCO on Twitter!

Broomfield RSS job feeds