LEAD INFORMATION SECURITY ENGINEER (ISSO with PQC)

Lumen

$105K — $155K *
US-AnywhereRemote in United States
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in information assurance, cybersecurity, or a related field, or equivalent experience
  • Minimum of 5 years of relevant experience in information assurance, with demonstrated responsibility for RMF execution and ATO support
  • Proven experience developing and maintaining authorization artifacts (e.g., SSP, POA&M) and supporting security assessments
  • Experience operating in customer-facing or services-based environments supporting federal or regulated clients is strongly preferred
  • Relevant certifications in governance, risk, and compliance (e.g., CGRC, CISA) are strongly preferred or equivalent demonstrated RMF experience
  • Broad security certifications (e.g., CISSP, CCSP) are preferred and may supplement GRC experience
  • Proficiency with technologies, tools, and processes supporting GRC, vulnerability management, and continuous monitoring

Responsibilities

  • Serve as the primary ISSO for assigned systems, accountable for end-to-end RMF execution and ATO outcomes
  • Execute the full RMF lifecycle, including control implementation, assessment readiness, and continuous monitoring
  • Develop, maintain, and ensure accuracy of authorization artifacts (e.g., SSP, POA&M, control evidence)
  • Track, prioritize, and drive remediation of vulnerabilities, audit findings, and control deficiencies
  • Provide system-level risk assessments and actionable recommendations, including impact and remediation considerations
  • Coordinate with engineering, operations, and program teams to ensure security controls are effectively implemented
  • Support security assessments, audits, and inspections as the ISSO representative

Benefits

  • Comprehensive health and life insurance package
  • Voluntary lifestyle benefits
  • Opportunities for financial wellbeing
  • Access to a bonus structure including short-term and long-term incentives
  • Remote work flexibility
Full Job Description
Location

This is a remote position open to candidates based anywhere in the U.S.

The Role

At Lumen, the Lead Information Security Engineer owns the development, maintenance, and defensibility of the security authorization package for assigned systems, ensuring compliance with federal requirements and readiness for assessment. In this role, you apply and refine your RMF expertise through end-to-end execution, working directly with customers and stakeholders to validate controls, surface risk, and drive remediation. Your impact is measured through the successful sustainment of Authorization to Operate (ATO) outcomes, the strength of the system's security posture, and the ability to support secure, compliant delivery of mission-critical services.

The Lead ISSO may operate independently for smaller or less complex environments or in alignment with a Senior Lead (ISSM) for larger programs.

The successful candidate will demonstrate the ability to:
  • Serve as the primary ISSO for assigned systems, accountable for end-to-end RMF execution and ATO outcomes
  • Execute the full RMF lifecycle, including categorization, control implementation, assessment readiness, authorization support, and continuous monitoring
  • Develop, maintain, and ensure accuracy of authorization artifacts (e.g., SSP, POA&M, control evidence)
  • Ensure systems remain ATO-compliant, audit-ready, and aligned with federal requirements (e.g., FedRAMP, FISMA, DoD)
  • Track, prioritize, and drive remediation of vulnerabilities, audit findings, and control deficiencies
  • Provide system-level risk assessments and actionable recommendations, including impact and remediation considerations
  • Monitor vulnerability, audit, and continuous monitoring data to maintain awareness of system risk posture
  • Coordinate with engineering, operations, and program teams to ensure security controls are implemented effectively and sustainably
  • Support security assessments, audits, and inspections as the ISSO representative, including direct interaction with assessors and customer stakeholders
  • Evaluate products, services, and proposed architectures for compliance, risk, and implementation feasibility within customer authorization environments
  • Support customer integration of managed services by defining control responsibilities, inheritance boundaries, and implementation expectations
  • Provide input grounded in RMF execution and ATO processes to support solution design, capture efforts, and delivery alignment


The Main Responsibilities

  • Strong working knowledge of NIST RMF (SP 800-37) and NIST SP 800-53 control framework
  • Demonstrated experience executing RMF activities and supporting or leading ATO outcomes for federal or DoD systems
  • Experience with FedRAMP and/or FISMA authorization processes, including artifact development and assessment readiness
  • Ability to independently execute RMF activities and manage system-level security posture with minimal oversight
  • Strong understanding of control implementation, inheritance, and shared responsibility models within complex or hybrid environments
  • Ability to assess and communicate security risk in complex architectures, translating regulatory requirements into actionable guidance
  • Experience evaluating security, compliance, and delivery feasibility of products, services, and architectures
  • Working knowledge of cryptographic principles and emerging standards, including post-quantum cryptography (PQC), and ability to assess vendor solutions for compliance, risk, and implementation considerations
  • Strong collaboration skills across engineering, operations, program management, and security teams
  • Effective written and verbal communication skills for both technical and non-technical audiences
  • Demonstrates Lumen leadership behaviors (teamwork, trust, transparency, clarity, courage, customer focus, growth mindset, respect)


What We Look For in a Candidate

  • Bachelor's degree in information assurance, cybersecurity, or a related field, or equivalent experience
  • Minimum of 5 years of relevant experience in information assurance, with demonstrated responsibility for RMF execution and ATO support
  • Proven experience developing and maintaining authorization artifacts (e.g., SSP, POA&M) and supporting security assessments
  • Experience operating in customer-facing or services-based environments supporting federal or regulated clients is strongly preferred
  • Relevant certifications in governance, risk, and compliance (e.g., CGRC, CISA) are strongly preferred or equivalent demonstrated RMF experience
  • Broad security certifications (e.g., CISSP, CCSP) are preferred and may supplement GRC experience
  • Proficiency with technologies, tools, and processes supporting GRC, vulnerability management, and continuous monitoring


Security Requirements

  • US citizenship required.
  • The capability to meet the suitability requirements for a GSA public trust position is required.


Compensation

This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors.

Location Based Pay Ranges

$105,786 - $141,047 in these states: AL AR AZ FL GA IA ID IN KS KY LA ME MO MS MT ND NE NM OH OK PA SC SD TN UT VT WI WV WY
$111,074 - $148,099 in these states: CO HI MI MN NC NH NV OR RI
$116,364 - $155,152 in these states: AK CA CT DC DE IL MA MD NJ NY TX VA WA

Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. We're able to answer any additional questions you may have about our bonus structure (short-term incentives, long-term incentives and/or sales compensation) as you move through the selection process.

Learn more about Lumen's:Benefits
Bonus Structure

#LI-Remote

Requisition #: 342682

Similar Jobs

More Jobs at Lumen

More Information Technology Jobs

Find similar LEAD INFORMATION SECURITY ENGINEER (ISSO with PQC) jobs: