More jobs:
LEAD Information Security Engineer; ISSO PQC
Remote / Online - Candidates ideally in
Concord, Merrimack County, New Hampshire, 03302, USA
Listed on 2026-07-04
Concord, Merrimack County, New Hampshire, 03302, USA
Listing for:
Lumen
Remote/Work from Home
position Listed on 2026-07-04
Job specializations:
-
IT/Tech
Cybersecurity, Information Security
Job Description & How to Apply Below
Lumen is the trusted network for the AI‑powered world, connecting people, data, and applications through our expansive fiber network and connected ecosystem. We enable secure, high‑performance connectivity across cloud, edge, and AI workloads for enterprises, governments, and communities.
At Lumen, you'll work on infrastructure customers rely on today and build for what's next, where performance, security, and resilience matter.
This is a high accountability environment where bold ideas drive real innovation for our customers, partners, and industry. The work is challenging, expectations are clear, and trust is built into how we operate. If you're ready to take ownership, deliver meaningful impact, and help shape the future of AI‑ready connectivity, join us today.
** Location*
* This is a remote position open to candidates based anywhere in the U.S.
** The Role*
* At Lumen, the Lead Information Security Engineer owns the development, maintenance, and defensibility of the security authorization package for assigned systems, ensuring compliance with federal requirements and readiness for assessment. In this role, you apply and refine your RMF expertise through end-to-end execution, working directly with customers and stakeholders to validate controls, surface risk, and drive remediation. Your impact is measured through the successful sustainment of Authorization to Operate (ATO) outcomes, the strength of the system's security posture, and the ability to support secure, compliant delivery of mission-critical services.
The Lead ISSO may operate independently for smaller or less complex environments or in alignment with a Senior Lead (ISSM) for larger programs.
The successful candidate will demonstrate the ability to:
+ Serve as the primary ISSO for assigned systems, accountable for end-to-end RMF execution and ATO outcomes
+ Execute the full RMF lifecycle, including categorization, control implementation, assessment readiness, authorization support, and continuous monitoring
+ Develop, maintain, and ensure accuracy of authorization artifacts (e.g., SSP, POA&M, control evidence)
+ Ensure systems remain ATO-compliant, audit-ready, and aligned with federal requirements (e.g., FedRAMP, FISMA, DoD)
+ Track, prioritize, and drive remediation of vulnerabilities, audit findings, and control deficiencies
+ Provide system-level risk assessments and actionable recommendations, including impact and remediation considerations
+ Monitor vulnerability, audit, and continuous monitoring data to maintain awareness of system risk posture
+ Coordinate with engineering, operations, and program teams to ensure security controls are implemented effectively and sustainably
+ Support security assessments, audits, and inspections as the ISSO representative, including direct interaction with assessors and customer stakeholders
+ Evaluate products, services, and proposed architectures for compliance, risk, and implementation feasibility within customer authorization environments
+ Support customer integration of managed services by defining control responsibilities, inheritance boundaries, and implementation expectations
+ Provide input grounded in RMF execution and ATO processes to support solution design, capture efforts, and delivery alignment
** The Main Responsibilities*
* + Strong working knowledge of NIST RMF (SP 800-37) and NIST SP 800-53 control framework
+ Demonstrated experience executing RMF activities and supporting or leading ATO outcomes for federal or DoD systems
+
Experience with FedRAMP and/or FISMA authorization processes, including artifact development and assessment readiness
+ Ability to independently execute RMF activities and manage system-level security posture with minimal oversight
+ Strong understanding of control implementation, inheritance, and shared responsibility models within complex or hybrid environments
+ Ability to assess and communicate security risk in complex architectures, translating regulatory requirements into actionable guidance
+ Experience evaluating security, compliance, and delivery feasibility of products, services, and architectures
+ Working knowledge of cryptographic principles and emerging…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×