Job Information

Lumen Senior Manager (Vendor Risk Management) - Remote in Des Moines, Iowa

About Lumen

Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With 450,000 route fiber miles serving customers in more than 60 countries, we deliver the fastest, most secure global platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about Lumen’s network, edge cloud, security and communication and collaboration solutions and our purpose to further human progress through technology at, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies.

The Role

Lumen is looking for an experienced vendor risk management leader to further develop and drive our vendor risk management capabilities and enable the business to make risk-informed decisions. Reporting to the Senior Director Security and Risk Management, the Senior Manager Vendor Risk Management is responsible for program execution, maturing the vendor risk management framework, and communicating and reporting identified vendor risks to risk owners. The successful candidate will further automate and operationalize the vendor risk assessment process and reporting for all risk assessments, and will produce metrics and reporting to support business partners' ability to make risk-informed decisions.

This leader will work closely with internal and external stakeholders, including the line of business, security, privacy, compliance, internal audit, and technology organizations. The position requires strong skills and experience in the following areas: leadership, vendor and supplier risk management, performing vendor risk assessments, developing metrics, contract review, excellent verbal and written communication, problem solving, driving organizational change, and interpersonal skills.

The Main Responsibilities

  • Manage the operational vendor risk management team for vendor onboarding, due diligence, and ongoing monitoring.

  • Mature Lumen’s risk culture by leading vendor risk discussions and decisions with stakeholders.

  • Manage vendor management lifecycle including vendor risk reporting and oversight of assessed vendors.

  • Manage vendor communication to conduct vendor risk assessments, and timely completion of vendor questionnaires.

  • Support the operations for the vendor risk management automation platform, including development of new builds to enhance vendor risk assessment process.

  • Timely reporting and escalation of third-party issues and remediation actions associated with control gaps for closure.

  • Manage coordination across multiple vendors, business risk owners, and risk review teams.

  • Advise on vendor risk treatment plan to reduce risk to organization.

  • Support reporting requirements and audit exams, prepare reports for the senior leadership team, and develop metrics to assess and report vendor risk.

  • Execute on strategic roadmap to enhance third-party onboarding and inherent and residual risk measurement process, vendor segmentation, and alignment to risk policy and procedures.

What We Look For in a Candidate

  • Proven experience leading and developing high-performing teams; ability to influence and drive organizational change.

  • Direct experience working in a third-party risk management team; experience in the financial or telecom industry, or other highly regulated industries, preferred.

  • Experience and deep understanding of qualitative vs. quantitative risk management and inherent vs. residual risk to properly determine, evaluate, and report on related vendor risk assessments.

  • Understanding of standard contract structure and terms; experience working with audit and testing on assessment exams is a plus.

  • Experience in evaluating, developing, and implementing vendor risk assessment and mitigation solutions.

  • Demonstrated capability to understand and negotiate legal contractual language and effectively communicate with legal attorneys, business sponsors and sourcing teams.

  • Experience creating and utilizing KPIs and KRIs; experience with dashboards and data visualization tools.

  • Experience with daily IT operations and best practice frameworks (ISO 27001/2, CIS Critical Controls, NIST 800-73, etc.) in one or more areas, such as system administration, networking, and information security.

  • An understanding of various data protection laws (e.g. GLBA, GDPR, CCPA, etc.).

  • Strong relationship building experience, both internally with business and technology leaders, information security teams, and legal teams, and externally with service providers and business partners.

  • Excellent communication skills, including presentation, written, and verbal; demonstrated business acumen; results-oriented with proven ability to meet deadlines.

  • Strong documentation, planning, negotiation, work prioritization, and organizational skills.

  • Bachelor’s degree in Information Technology or related field is preferred. High school diploma (or equivalent) in combination with 10+ years of experience in an information security role will be considered. Minimum of high school diploma or equivalent is required.

  • Preferred working knowledge of legislative and financial regulatory compliance standards and best practices.

  • Preferred CRISC, CISM, CISSP or equivalent certifications.

What to Expect Next

Based on your job application information you may be given the opportunity to complete a video interview immediately after applying. This will include a set of questions for you to record a response to in addition to Game Challenges. Completion of this video interview is a requirement in order to be considered for our open position. Now not a good time? No worries, we will also send you an email with a link to complete the video interview. We strongly recommend that you complete this within 5 days of your application date.

Requisition #: 330614

When applying for a position, you may be subject to a background screen (criminal records check, motor vehicle report, and/or drug screen), depending on the requirements for the position. More information on what’s included in these checks can be found in the Post Offer section of our FAQ page. Job-related concerns noted in the background screen may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis.

EEO Statement

We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.


The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.

Salary Range

Salary Min :


Salary Max :


This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors.

This position is eligible for either short-term incentives or sales compensation. Director and VP positions also are eligible for long-term incentive. To learn more about our bonus structure, you can view additional information here. We're able to answer any additional questions you may have as you move through the selection process.

As part of our comprehensive benefits package, Lumen offers a broad range of Health, Life, Voluntary Lifestyle and other benefits and perks that enhance your physical, mental, emotional and financial wellbeing. You can learn more by clicking here.

Note: For union-represented postings, wage rates and ranges are governed by applicable collective bargaining agreement provisions.