Jobs · Information Technology

SR INFORMATION SECURITY ENGINEER - Cybersecurity Incident Response

Lumen Technologies · United States · Yesterday
RemoteRemoteInformation Technology$85k–$113k/yrFull-time

Main Responsibilities

  • Respond to, remediate, and document information security incidents not limited to dashboard (Advanced Threat Appliance & SIEM) alerts, tickets, emails, or phone calls.
  • Actively hunt the enterprise for insecure, suspicious, or malicious activity.
  • Review data that is processed within the SIEM to find incident evidence and suspicious events as well as out-of-scope events.
  • Verify and validate security notifications from both internal and external sources.
  • Identify and resolve incidents that are not defined by (or deviate from) an existing incident response guide.
  • Assist with significant incidents as needed or assigned, including outside of normal business hours.
  • Provide feedback for development and consistency of automated threat detection mechanisms.
  • Update and maintain response guides for accuracy.
  • Support Security projects to improve Cyber Defense Team or Lumen's security posture.

Minimum Qualifications

  • Bachelor’s in Computer Science, Engineering, or related field (or equivalent experience)
  • Strong understanding of security fundamentals: host/network hardening, networking protocols, intrusion techniques, and risk management
  • Analytical/problem-solving skills across networking, operating systems, and malware analysis
  • Relevant certifications (or willingness to obtain): Security+, CEH, OSCP, GCIH, CISSP, GPEN, GWAPT, GISEC, CISM, or CISA
  • U.S.-based and able to obtain government suitability
  • Effective communication skills; able to present technical concepts to both technical and non-technical audiences
  • Experience with cloud security (AWS, Azure, GCP)
  • Broad knowledge of current and emerging technologies

Preferred Qualifications

  • 4+ years in incident response, forensics, risk assessments, application or network security
  • Experience in network/firewall engineering, design, and implementation
  • Familiarity with security tools (SIEM, IDS/IPS, endpoint protection)
  • Experience monitoring threats and performing initial triage
  • Microsoft or UNIX/Linux administration
  • Experience implementing controls to reduce risk and data exposure
  • Scripting experience (Python or Perl)
  • Experience in large enterprise or carrier-scale environments

Similar jobs