Lumen Technologies is a company focused on connecting people, data, and applications securely. They are seeking a Cybersecurity Incident Response Engineer to respond to and mitigate cybersecurity alerts, research preventative measures, and work with stakeholders to enhance cybersecurity capabilities.
Responsibilities:
- Respond to, remediate, and document information security incidents, including but not limited to dashboard (Advanced Threat Appliance & SIEM) alerts, tickets, emails, or phone calls
- Actively hunt the enterprise for insecure, suspicious, or malicious activity
- Review data that is processed within the SIEM to find incident evidence and suspicious events as well as out of scope events
- Verify and validate security notifications from both internal and external sources
- Identify and resolve incidents that are not defined by (or deviate from) an existing incident response guide
- Assist with significant incidents as needed or assigned, including outside of normal business hours
- Provide feedback for development and consistency of automated threat detection mechanisms
- Update and maintain response guides for accuracy
- Support Security projects to improve Cyber Defense Team or Lumen's security posture
- Demonstrate effective communication skills, both verbal and written
Requirements:
- Undergraduate degree in computer science, engineering, or related field, or equivalent experience
- Solid understanding of information security fundamentals, host and network security hardening and requirements; networking protocols; common intrusion techniques; and common risk management concepts
- Analytical and problem-solving skills related to networking, operating systems, and malware analysis
- Candidate must possess, or be willing to pursue, applicable professional/technical certifications, such as Security+, C|EH, OSCP, GCIH, CISSP, GPEN, GWAPT, GISEC, CISM or CISA
- Candidate must be US based and able to obtain government suitability
- Strong oral and written communication skills and comfort with presenting technical issues to all levels of management, as well as non-technical staff
- Experience with cloud security and cloud service providers (e.g., AWS, Azure, Google Cloud Platform)
- Broad technical knowledge of current and emerging technologies
- 4+ years of experience in incident response, computer forensics, security risk assessments, application security or network security
- Experience in network and/or firewall engineering, administration, design and implementation including experience in applying methodologies and principles for all levels of security
- Understanding of the following tools: SIEM, IDS/IPS, host-based anti-virus, or similar products
- Experience in network monitoring tools to monitor attacks/threats and doing the initial triage of findings
- Microsoft or UNIX (including Linux or other UNIX derivatives) operating system administration/support experience
- Experience with technologies, tools, and process controls to minimize risk and data exposure
- Development experience in scripting languages such as Python or Perl
- Experience in large enterprise or carrier data centers and/or networks