CenturyLink Security Engineer - Incident Response in PHOENIX, Arizona
CenturyLink (NYSE: CTL) at http://www.centurylink.com is a global communications and IT services company focused on connecting its customers to the power of the digital world. CenturyLink offers network and data systems management, big data analytics, managed security services, hosting, cloud, and IT consulting services. The company provides broadband, voice, video, advanced data and managed network services over a robust 265,000-route-mile U.S. fiber network and a 360,000-route-mile international transport network. Visit CenturyLink at http://www.centurylink.com/ for more information.
Respond to, remediate and document information security incidents not limited to SIEM Alerts, Tickets, Emails, or Phone Calls.
Review data that is processed within the SIEM to find suspicious events as well as ineffective data.
Verify incident source alert notifications are authentic and trusted.
Identify and resolve incidents that are not defined by (or deviates from) an existing incident response guides.
Assist with significant incidents as needed or assigned.
Provide feedback for development and consistency of automated threat detection mechanisms.
Update and maintain response guides for accuracy.
Perform open hunting of CenturyLink network as assigned or time allows.
Security projects dedicated to improving Cyber Defense Team or CenturyLink's security posture.
Undergraduate degree in computer science, engineering, or related field, or equivalent experience.
Solid understanding of information, host and network security hardening and requirements; networking protocols; common intrusion techniques; and common risk management concepts.
Analytical and problem solving skills related to networking, operating systems, and malware analysis.
Candidate must possess, or be willing to pursue, applicable professional/technical certifications, such as CISSP, CEH, GCIH, GPEN, GWAPT, GISEC, CISM or CISA.
Strong oral and written communication skills and comfort with presenting technical issues to all levels of management, as well as non-technical staff.
Broad technical knowledge of current and emerging technologies. Preferred Qualifications:
4+ years of experience in performing security risk assessments and application, system and network security.
Experience in network and/or firewall engineering, administration, design and implementation including experience in applying methodologies and principles for all levels of security.
Understanding of the following tools: SIEM, IDS / IPS, host based Anti-Virus, or similar products.
Experience in network monitoring tools to monitor attacks/threats and doing the initial triage of findings.
Microsoft or UNIX (including Linux or other UNIX derivatives) MAC operating system administration/support experience.
Experience with computer security, incident response, or computer forensics.
Experience with technologies, tools and process controls to minimize risk and data exposure.
Application development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, PERL, Python, or Java.
Experience in large enterprise or carrier data centers and/or networks.
Alternate Location: US-Arizona-Phoenix; US-Colorado-Broomfield; US-Colorado-Denver; US-Kansas-Gardner
Requisition # : 207713
This job may require successful completion of an online assessment. A brief description of the assessments can be viewed on our website at http://find.centurylink.jobs/testguides/
We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.
The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.