About Lumen

Lumen connects the world. We are igniting business growth by connecting people, data and applications – quickly, securely, and effortlessly. Together, we are building a culture and company from the people up – committed to teamwork, trust and transparency. People power progress.

Lumen’s commitment to workplace inclusion and employee support shines bright. We’ve made the Newsweek 2024 Greatest Workplaces for Diversity list and achieved a perfect score of 100 on the Human Rights Campaign Corporate Equality Index (CEI) for the fifth consecutive year. Plus, we’re the top employer in the communications and telecom industry, ranking 12th overall across all industries in The American Opportunity Index.

We’re looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future.

The Role

The Cyber Threat Security Analyst role will focus on security event and incident monitoring, threat hunting, and deep analysis of threat information within customer environments, various log sources, and within security control technologies directly. The Analyst will work directly with customers to determine and communicate relevant risk and potential impact, as well as make recommendations for risk mitigation. This role will also provide direction for SIEM rule changes, customer escalations and inquiries, and help develop improved threat analysis process and procedures.

The Main Responsibilities

• Perform security incident and event monitoring support, including deep dive data analysis, visualization and response with security tools and technologies like EDR and/or SIEM platforms.

• Develop and manage customer security event analysis notifications with thoughtful analysis details, evidence, conclusions, and recommendations.

• Triage, analysis, respond and manage customer issues and questions regarding security events, including evidence supporting risk identification and recommended risk mitigation, via trouble ticket, email, and phone.

• Review threat detection rules, correlations and make recommendations for improved fidelity such as automation response while maintaining detection content in common rules language like Sigma, YARA or Snort.

• Threat hunting within customer environments and leverage techniques like YARA rules, IOC analysis and behavioral analysis

• Develop and manage Cyber Threat Intelligence while keeping updated on latest threats, attack vectors and vulnerabilities.

• Perform and manage Exposure Management such as Penetration Testing, Vulnerability Management

• Understand cloud security for cloud platforms like AWS, Azure, GCP including IAM, container and serverless features.

What We Look For in a Candidate

• Requires Bachelor’s degree in related field or equivalent combination of education and experience.

• Possess strong customer service skills.

• Communicate effectively with managers, customers, and vendors.

• Maintain solid working relationships, including collaborative technical activities with peers.

• Good written and verbal communication skills

• Good analytical and problem-solving skills

• Attention to detail with good organizational skills.

• Basic experience performing security monitoring, hunting, and analysis within SIEM platforms and security controls.

Preferred

• 2 or more years in a Security Operations environment performing cyber threat hunting and incident response support

• Security industry certifications (examples):

• GIAC

• CISSP

• CRISC

• CISM

• Security+ CCNA

• CEH

• OSCP

• Basic knowledge and skills of at least one programming language (Python, Bash or PowerShell preferred)

Compensation

What to Expect Next

Requisition #: 333084

Background Screening

If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (https://jobs.lumen.com/global/en/faq) . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Equal Employment Opportunities

We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.

Disclaimer

The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions.