Sr Security Professional

**About Lumen**

**The Role**:

- As a cyber security specialist, you will be part of Lumen’s team of cybersecurity advisors, threat hunters and build team in the region in engagements to help our clients enact proactive risk management and improve their security posture. You will be part of a team of specialists helping our clients with their most complex information security needs and contributing toward their improved security posture. The position objectives are:
- Provide thought leadership and deliver proactive cybersecurity advisory services which complements our Managed Security Services in the region.
- Responsible for managing client satisfaction.

**The Main Responsibilities**:

- Provide advisory and guidance to customers on improving their security posture, security policy, regulatory compliance to comply with Information Security Standards. Review, advice and document security operations changes requested by the customer and provide direction or guidance for the implementation of associated changes.
- Vulnerability Scans and Reviews - Work with customers, where appropriate, using the customer’s tools to conduct vulnerability assessment scans, authenticated or unauthenticated. Analyze and recommend on critical and high-priority risks based on identified vulnerabilities.
- Conduct compliance checks for customers environment based on CIS benchmarks. Where there are non-existent benchmark, recommend an appropriate baseline for compliance checks on those technologies.
- Security Incident Response Support - Work with customers, where appropriate, to conduct tabletop exercises, real-world drills for security incident response. Test their response plans.
- Be an extended expertise to the SOC team to assist customers with investigation of escalated security events and if required, provide post incident reports.
- Support customers in mapping their environment to MITRE ATT&CK framework, identifying opportunities for new correlation rules / use cases which are relevant to their environment and building these use cases.
- Review customer’s audit findings / gaps and recommend appropriate corrective actions to remedy such gaps. Remediation is typically a responsibility of the customers.
- Communicate with customers regarding pertinent information security issues and provide periodic security posture updates.
- Provide expert advice and work collaboratively with clients to continuously improve their security posture, and quality of Lumen’s managed security services in general.
- Grow and upsell security services and managed security services to clients, while avoiding churn.
- Work with clients to develop operational runbook or standard operating procedures (SOP) and continuously improve it over time.
- Participate in risk governance and service review meetings with clients to provide updates, suggestions and recommendations, including calibration of use cases and new use cases, where applicable.
- Support or work with building correlation rules for SIEM, or playbooks for SOAR, to enrich events of interest to limit number of false positives or provide more details for SOC analyst for tirage or client to remediate.
- Lead in both reactive and proactive threat hunting initiatives for clients
- 5+ years thorough knowledge and experience as an information security professional.
- You should have prior background in client engagement experiences with Managed Security Services, risk advisory, risk assessment, or providing high-quality security consulting and professional security services and is expected to be able to deliver such services to Lumen clients.
- Familiar with one or more of MITRE ATT&CK framework, NIST Cybersecurity Framework, The Center for Internet Security Critical Security Controls (CIS) and other risk and control frameworks.
- Significant experiences in overall security program design, implementation and management for large enterprises, in administering scanning/penetration testing/vulnerability management tools or in evaluating IT security personnel in job performance and skill suitability, is preferred.
- Attention to details.
- Possess the patience and qualities of a good coach.
- Demonstrated ability to make and take responsibility for decisions on major issues.
- Excellent communication and presentation skills including whiteboarding, to a variety of external audiences, including being able to interact with C-level / senior executives.
- Desire to continuously seek opportunities to increase client satisfaction.
- Resilience and ability to handle stressful situations effectively while managing several tasks.
- Excellent critical thinking and analysis skills in an enterprise environment.
- Ability to interpret customer requirements and develop solutions to meet these requirements.
- Strong customer mindset, focus and quality mindset.
- Advantageous to have relevant industry IT security certifications (CISSP, CISM, CISA, GIAC or others).

**What to Expect Next**:
Requisition #: 316504