Security Operations Center Engineer (BROOMFIELD, CO, US, 80021)

About CenturyLink
CenturyLink (NYSE: CTL) is the second largest U.S. communications provider to global enterprise customers. With customers in more than 60 countries and an intense focus on the customer experience, CenturyLink strives to be the world’s best networking company by solving customers’ increased demand for reliable and secure connections. The company also serves as its customers’ trusted partner, helping them manage increased network and IT complexity and providing managed network and cyber security solutions that help protect their business.

The Role

Federal SOC Information Security Engineers will provide monitoring, triage, and escalation support for internal Federal SOC and External Customer operations.  The SOC Information Security Engineers will work shifts to provide 24x7x365 coverage. SOC Information Security Engineers will work in tandem with other Information Security Engineers in the Global SOC and Federal NOC Organizations.


The Main Responsibilities

Review Global SOC Shift end Summary and SOC activity logs, emails, tickets, cases and other monitoring tools for complete understanding of previous shift activities and incidents with the goal of maintaining the highest level of customer service by keeping track of the critical customer impacting issue.
Provide monitoring and responding to alerts and events within SLAs.  Services and systems include but not limited to Splunk (internal/external SIEM), DDOS- Distributed Denial of Services mitigation, Firewalls alerts (MTIPS and MSS), TrendMicro Anti Virus, Tripwire File Integrity Checks, IDS/IPS for customers.
Monitor multiple ticketing systems and queues. Ensure tickets are created and notated within SLAs
Login to phone call queues to answer both internal and external calls
Triage DDOS attacks targeted on Federal Customers.
Work closely with FedNOC, the Federal SOC Tier II and Ops Eng teams
Escalate issues to Vendors, SOC Tier II and Ops Engineers as soon as there is a need
Adhere to all defined processes and procedures.
Provide process and operational improvement suggestions.


Competency requirements

Performs a long-term project leadership role working towards the development of new solutions, processes, tools, systems that have company-wide and possibly industry-wide impacts.
Frequent contact with senior leadership of customers and contractors for the purpose of creating and presenting innovative long-term solutions and managing key relationships.  Acts as a resource within the engineering and scientific communities to develop solutions or handle the most complex tasks for which existing methods and procedures may not apply.
Provides consultation and advice to Federal customers, engineers and management regarding work functions, processes, methods, procedures, and tools.  Develops and delivers technical and process training, including, documentation in areas of expertise and innovative areas of technology.


What We Look For in a Candidate

Have three years operational experience with 3 or more of the following security components.

Tripwire, TrendMicro, WebInspect, Tennable Nessus and Qualys vulnerability scanners, Splunk, Secure Log Management, Firewalls, Intrusion Detection.

Demonstrate a curiosity and a security threat hunting mindset.
Deal with work coming from diverse sources.
Diagnose Trip Wire Events, Trend Micro Events, System Events, Network Events from 4 Supported Environments with dissimilar architecture.
Access systems and restart security application agents.
Perform Gemalto Token PIN Provisioning, Repair, Revocation, re-provisioning, PIN change, Reset for internal and external Federal Customers.
Perform PIN and Token Tests to ascertain Gemalto MFA functionality is working properly.
Create multi-factor authentication (MFA) reports.
Perform MFA Token migration between servers.
Perform user verification in AD Systems as part of user authentication troubleshooting
Manually perform MFA systems checks to ascertain operational status.
Isolate trouble to a system by process of elimination.
Assemble and direct SWAT teams for Network wide Events.
Isolate BGP alerts and instruct the Federal NOC, IPSS, Strat Gov to follow-up on CPE or Circuit Issues.
Run searches in Splunk Search Heads.
Review alerts and reports in Splunk
Restart scheduled FISMA and STIGaaS Compliance vulnerability Scan or run adhoc Vulnerability Scans.
Respond to CDM (Continuous Diagnostics and Mitigation) Events.
Perform Analytics on events from customer networks per CDM Framework.
Take inbound call and work Ticket Queue for internal and external customers.
Manage Perimeter Fortigates and Palo Alto Firewalls in MTIPS, FEDRAMP Gov CCC, Palo Alto with IPS.
Resolve Customer Firewall Operations related changes and tickets.
Notify the CenturyLink FedNOC of a customer Low category event.
Notify the CenturyLink FedNOC of a customer Medium category event.
Notify the End User Federal Agency (EUA), and then the CenturyLink FedNOC, of a customer High Category Event.

Clearance: Government Suitability Clearance up to Top Secret as required.

Certifications: CEH, GIAC Certified Incident Handler (GCIH), CCNA, NSE4.

Education: BS Computer Science or related areas with experience.

Alternate Location: US-Colorado-Broomfield; US-Minnesota-St Paul

Requisition #: 229026

EEO Statement
We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”).  We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.

The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.  Job duties and responsibilities are subject to change based on changing business needs and conditions.
post tech jobs

- Tech Jobs New York, NY

- Tech Jobs Houston, TX

- Tech Jobs Austin, TX

- Tech Jobs Chicago, IL

- Tech Jobs Santa Clara, CA

- Tech Jobs Atlanta, GA

Top Tech Jobs

IT jobs, Tech Jobs, USA tech job board that makes Tech and IT job search easier and faster. Search tech jobs from reputable tech companies and recruiters in USA

Tech Jobs Post is a technology niche job board with focus in IT jobs, Software engineering, Mobile Applications development, Tech support and telecommunications. Tech Jobs Post is designed to simplify tech recruitment for employers and recruiters. It offers the right tool for recruiting tech professionals.

For tech job seekers, Tech Jobs Post makes their job search easy by giving them the right tool that simplify their job search and allow them to connect with tech recruiters and employers. Thousands of technology job openings in tech fields such as IT, engineering, telecommunication and Mobile App development are published daily. Our job search tool makes these jobs more accessible to job seekers.

Technology job recruiters are always looking for skilled tech candidates to fill their job vacancies. Some employers are even willing to pay relocation cost for the right candidates. However, according to some tech job recruiters, filling some mission-critical tech positions can be somewhat challenging. This has compelled technology recruiters and employers to create more attractive incentives aimed at attracting the best and brightest technology professionals. serves as recruitment platform designed to speed up tech recruitment process.