CenturyLink Operations Analyst in Broomfield, Colorado

CenturyLink (NYSE: CTL) at http://www.centurylink.com is a global communications and IT services company focused on connecting its customers to the power of the digital world. CenturyLink offers network and data systems management, big data analytics, managed security services, hosting, cloud, and IT consulting services. The company provides broadband, voice, video, advanced data and managed network services over a robust 265,000-route-mile U.S. fiber network and a 360,000-route-mile international transport network. Visit CenturyLink at http://www.centurylink.com/ for more information.

Job Description

The Managed SOC Analyst’s primary function in a 24/7 environment is to provide managed security operations center (SOC) analysis associated with customer monitoring activities using the Splunk SIEM solution and scanning through the processing and management of incident and request tickets, as they are assigned. Some investigation and threat hunting are also in scope. The responsibilities include monitoring alerts, receiving and reviewing escalations from other Tier 1 Analysts, customers, and other internal groups, as well as managing the full incident handling lifecycle with customers. The Analyst is expected to contribute to internal documentation and adherence to SLA targets and requirements. The role includes log monitoring and root cause analysis, and interfacing with clients and associates as needed to resolve complex cases. These Analysts are also expected to participate in, and contribute to planning and implementation of strategic and operational projects in efforts to achieve overall MSS goals. Analysts are expected to be able to troubleshoot problems with little oversight, take ownership and work independently as needed to resolve customer issues.

Duties and Responsibilities

  • Monitoring the Splunk SIEM solution and performing duties related to continuous process improvement, client escalations, documentation and review.

  • Monitoring events from various SIEM related tools (i.e. ArcSight, QRadar)

  • Working with SOC management on integrating with shared managed, multi-tenant SOC environment

  • Maintain Industry Training – This involves keeping up-to-date on security technologies, threats, and risk mitigation techniques

  • Case Management – ensuring the case management process is handled efficiently in a timely manner.

  • SOC Activity Log –creating, reviewing, and maintaining entries, working with other analysts Report Creation – creating temporary or permanent reports for customers, as requested.

  • Customer Meetings – attending and/or leading customer meetings as part of incident response and incident handling

  • Training and Mentoring SOC personnel – Security Analysts are responsible for training new SOC employees

  • Regularly performing tuning and filtering SIEM alerts and monitoring components to ensure only relevant security data is gathered

  • Projects - May work on security projects as assigned

Shift Responsibilities

The Security Analyst is responsible for the following shift duties:

  • Daily Traffic Review – replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by other Analyst.

  • Improve their knowledge of the customer environment, intrusion detection, methodologies, and intrusion detection services with the support of on-going training from the analysts and self-study

  • Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents

  • Handle event incident response, case management, and customer notification

  • Providing process and operational improvement suggestions

  • Review, write, and update documentation (such as SOPs, MOPs, and TTPs)

  • Daily Case Management – the Security Analyst will review open cases and provide follow up that may be required

  • Report generation on demand and scheduling using available tools


  • Able to pass Public Trust Adjudication back ground and credit check

  • At least 1 years Information Security experience and/or training

  • Familiarization with Security Incident Event Monitoring solutions

  • Some knowledge and understanding of scanning and event monitoring

  • Working knowledge of Linux and syslog from CLI

  • Proven ability and past experience performing security analysis for information technology is required

  • Excellent writing and communications skills

  • Familiarization with a variety of information and network security monitoring tools

  • Familiarization with defense in depth methodology

  • Ability to work in a dynamic team oriented environment

  • Flexible scheduling for 24/7/365 support as needed

  • Analyst should possess the background and experience necessary to obtain Industry or SOC specific certifications as instructed by management. Possible applicable certifications include, but are not limited to:

  • CompTIA Security+, ITIL

  • Work Experience:

  • One plus years of Managed Security Service Provider Tier-1/2 Analyst/Operator Experience (Preferred)


Associates or Equivalent in Information Systems or Other

Alternate Location: US-Colorado-Broomfield; US-Colorado-Denver; US-Colorado-Highlands Ranch; US-Colorado-Littleton

Requisition # : 195410

This job may require successful completion of an online assessment. A brief description of the assessments can be viewed on our website at http://find.centurylink.jobs/testguides/

EEO Statement

We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.


The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.