**About Lumen** Lumen connects the world. We are igniting business growth by connecting people, data and applications – quickly, securely, and effortlessly. Together, we are building a culture and company from the people up – committed to teamwork, trust and transparency. People power progress. We’re looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. **The Role** The Lead Security Control Validation’s mission is to enhance the security of Lumen systems and its products by validating the effectiveness of security controls, proactively identifying misconfigurations, and confirming security mitigations. They are an innovator who is a progressive, forward-thinking person with Penetration Testing, Automation and Data science skills that will lean into AI opportunities to ensure complex security controls remain effective in a programmatic manner. **Location** This is a remote position open to candidates based anywhere in the U.S. **The Main Responsibilities** Establish and oversee a Continuous Security Validation Service that seamlessly integrates the following services and their associated outcomes into dependent systems. This service will provide real-time reporting on control status and promptly address any non-compliant findings. **Security Controls Assessment:** + Automate the assessment of existing security controls to ensure they meet industry standards and organizational policies. + Develop and execute testing protocols to validate the effectiveness of security controls. **Continuous Monitoring and Improvement:** + Implement continuous monitoring practices to detect and respond to changes in the security landscape and Lumen control readiness. + Identify weaknesses in security controls and provide actionable recommendations for improvement. **Penetration Testing and Vulnerability Management:** + Ensures regular penetration tests and vulnerability scans are performed to leverage remediation results for updated control assessments. **Compliance and Risk Management:** + Ensure all security controls comply with regulatory requirements and organizational risk management frameworks. + Maintain up-to-date documentation of security controls, test results, and compliance status. **Incident Response:** + Collaborate with the incident response team to investigate security breaches and recommend improvements to security controls based on findings. + Participate in post-incident reviews to assess the performance of security controls and suggest enhancements. **Dashboards and Metrics:** + Automate the integration of service KPIs into program performance dashboards and associated metrics to demonstrate the effectiveness of current controls, associated deficiencies and month over month risk management or reduction. **What We Look For in a Candidate** + Bachelor’s Degree in Computer Science, Information Technology, Cyber Security, or a related field. Advanced degree preferred. + Minimum of 8 years of experience in cyber security, with a focus on security control assessments, penetration testing, and vulnerability assessment. + Proven track record of effectively assessing and improving security controls in complex IT environments. + Relevant certifications such as CISSP, CEH, OSCP, CISM, or similar are highly desirable. + Strong experience in Automation capabilities, API integrations and orchestration + Proficiency in security assessment tools (e.g., Wiz, Nessus, Metasploit, Burp Suite). + Demonstrate knowledge of security technologies, trends, leading practices, and regulatory requirements and government security standards such as FedRAMP and Controlled Unclassified Information (CUI) standards, along with best practices such as NIST Cybersecurity Framework (CSF), NIST 800-171, NIST 800-53, ISO 27001-27002 and other applicable security and privacy laws. **Compensation** This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. **Location Based Pay Ranges:** $103,711 - $138,281 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $108,896 - $145,195 in these states: CO, HI, MI, MN, NC, NH, NV, OR, and RI. $114,082 - $152,109 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. \#GSS Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process. Learn more about Lumen's: + Benefits (https://jobs.lumen.com/global/en/benefits-statement) + Bonus Structure \#LI-KG Requisition #: 337708 **Background Screening** If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (https://jobs.lumen.com/i/global/en/faqs) . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. **Equal Employment Opportunities** We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. **Disclaimer** The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name. **Application Deadline** 04/29/2025