Overview

CenturyLink is the third largest telecommunications company in the United States and is recognized as a leader in the network services market by technology industry analyst firms. The company is a global leader in cloud infrastructure and hosted IT solutions for enterprise customers. CenturyLink provides data, voice and managed services in local, national and select international markets through its high-quality advanced fiber-optic network and multiple data centers for businesses and consumers. CenturyLink is an S&P 500 company and is included among the Fortune 500 list of America’s largest corporations.Just like everyone else, we want to hire unbelievably bright engineers, who are a joy to work with, love to work with others, solve problems, listen well, and lead as appropriate. Oh, yeah, they have to love to learn new things, too. You should have a passion for cloud computing and for designing and building advanced security capabilities that support massive scale while requiring little day-to-day human intervention. Limiting yourself to just one area of the technology stack or one security specialty would be unthinkable for this kind of engineer, so we hope that you are comfortable doing everything from building highly automated identity management systems to deploying  comprehensive vulnerability and configuration management capabilities at global scale. About Platform CenturyLink:The Platform CenturyLink organization is the focal point for all cloud-related product development inside the larger CenturyLink Corporation. We consciously maintain our small company/startup feel, while taking advantage of the resources available from such a large company. As such, we have a very strongly focused DevOps culture, highly skilled agile workforce, with development as our core activity. We build the cloud, we build the applications that run on it, and we make it run. Every day. All the time. It’s what we do. CenturyLink offers competitive salaries and benefits.  Job DescriptionSolve complex security challenges with cost effective and reliable security technologies that are highly automated and perform efficiently at cloud scale. Research, design, recommend, implement, and support innovative security solutions in support of a fast-paced and entrepreneurial business environment. Perform as an integrated member of the product engineering teams to implement enhanced security capabilities into the environment. Translate business and security objectives into achievable controls, including building and supporting the technical implementation of those controls. Provide security input for network and software architectural changes, and new projects. Lead internal vulnerability management efforts, including network vulnerability scanning, web application security testing, and other specific security assessment efforts. Support internal security audits and assessments of external partners as needed. Stay current on security industry trends, attack techniques, mitigation techniques, and security technologies.   Job Responsibilities:During the first twelve months in the role you will work on the following projects/tasks: Employ your networking knowledge along with your cross-platform operating system and infrastructure scripting/automation skills to assist in the implementation of an automated asset management solution that easily scales to cover very large populations of equipmentUtilizing advanced knowledge of vulnerability management tools and techniques, design and deploy automated vulnerability scanning/tracking/reporting capabilities across the global infrastructure including network devices, servers, centralized storage devices, VMware, MS Windows, and LinuxUse your knowledge of identity management concepts and strong automation skills to architect and implement automated identity management integrations among disparate systems and technology platformsLeverage strong OS and device knowledge to design and deploy a privileged access management solution that will revolutionize how automated tools and administrators gain authorization to  access privileged accounts and the tracking of what is done with those accountsDevelop an automated penetration testing and vulnerability assessment program that provides actionable information on critical vulnerabilities to the engineering teamsPromote a culture of security across product development teams, providing subject matter expertise as needed to design reviews, etc.Required Qualifications:Strong background in automation and scriptingBachelor’s degree in Information Security, Computer Science, Information Systems, Engineering or related major or equivalent years of experience andA minimum seven years’ experience in the information security fieldMinimum of three years’ experience in either Linux or Windows operating systems (prefer both)Experience designing and implementing automated identity management solutions and integrating them with on premise and SaaS applicationsSolid understanding of core networking concepts to include routing and switchingWorking knowledge of industry standard security tools and encryption/cryptography protocols and best practices, authentication, authorization and directory services.Experience developing automated information security controls against common compliance frameworks such as SOC, FedRAMP, PCI-DSS, or Cloud Security AllianceDemonstrated experience in automated operating system, application, and network penetration testing and vulnerability assessment/managementPreferred Qualifications:CISSP, CISM, CISA, CEH, CEPT, GIAC or similar relevant information security certificationsModern hypervisor (VMware, Hyper-V, Xen, etc.) system administration experienceDemonstrated conceptual, analytical and innovative problem-solving and evaluative skillsDemonstrated knowledge of security controls for network, applications and operating systemsStrong knowledge and work experience with logical access controls to ensure confidentiality, integrity and assurance of proprietary informationDemonstrated interpersonal skills; including the ability to work effectively in a team environment as a participantDICE2#LI-POST1 Alternate Location: Bellevue, WA (Washington) Company StatementCenturyLink is an industry-leading provider of communications, high speed Internet and entertainment services from coast to coast.  Our combination of business and residential service solutions – including home and wireless voice solutions and digital television – provide innovative solutions to our customers.  CenturyLink is proud to be a participant in the U.S. General Services Administration Networx program, the largest communications services contract in the world.  CenturyLink offers you the opportunity to develop and cultivate your career as we lead the communications industry into the future.Disclaimer:The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.  Job duties and responsibilities are subject to change based on changing business needs and conditions.