Principal Information Security Architect

About Lumen

Lumen connects the world. We are igniting business growth by connecting people, data and applications – quickly, securely, and effortlessly. Together, we are building a culture and company from the people up – committed to teamwork, trust and transparency. People power progress. We’re looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future.

The Principal Information Security Architect provides subject matter expertise for multiple, complex security systems, including developing security architectures and roadmaps, and evaluating, planning and designing security solutions. Additionally, the Principal Architect provides subject matter expertise to Product, IT, Network, and Security teams in the implementation of recommended solutions for identified technical security issues; ensures the implementation of security solutions utilizing advanced technical expertise; serves as architecture lead on major projects with the ability and expertise to develop overall architectural direction; initiates and executes advanced research and development activities of significance to future business security strategies.

Experience with Security Designs, Guidance and Best Practices for defining and implementing secure interoperability of Lumen Digital offerings, partner portals, and infrastructure systems. Experience with security frameworks to align guidance and practice towards automated audit capabilities.

This role is designated as a fully remote position in Canada.

• Drives beneficial security change into the business through the development or review of architectures to ensure that they fit business requirements for security, mitigate risks, conform to the relevant security standards, and balance information risk against the cost of appropriate countermeasures.
• Develops and designs new security solutions to reduce risk and align business requirements with security standards. Supports vendor relationships; leads vendor reviews through RFx process, working with Procurement and appropriate business partners on requirements and success criteria. Supports development of business case and approval process.
• Delivers guidelines, best practices, and direction on security standards/policies and roadmaps. Provides subject matter expertise, consultation, and escalation support.
• Provides support to Security Review process by assisting with complex questions and projects. Work with business units and partners as needed.
• Acts as liaison between the business and technology from a security perspective, maintains an overview of the environment as a whole and its security aspects, understands business strategy and how it relates to security strategy, acts as a liaison between appropriate regulatory bodies, IT auditors, and business stakeholders, educates IT and enterprise roles on the need for (and consequences of) reducing information-related risk, and ultimately drives organizational change at all levels of the business.

Required Qualifications:

• Bachelor’s degree in computer science, engineering, or related field with 15+ years of relevant experience or
• Master’s degree in computer science, engineering, or related field with 12+ years of relevant experience.
• Applicable professional/technical certifications must be in place, such as CISSP, GPEN, GWAPT, GISEC, CISM or CISA.
• Software development experience.

Preferred Qualifications:

• Knowledge of information security industry and regulatory obligations (ISO 27001/27002, NIST Framework, FISMA, FedRAMP, and GDPR).

Requisition #: 337262

We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.

The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions.