CenturyLink Operations Analyst in Broomfield, Colorado
CenturyLink (NYSE: CTL) at http://www.centurylink.com is a global communications and IT services company focused on connecting its customers to the power of the digital world. CenturyLink offers network and data systems management, big data analytics, managed security services, hosting, cloud, and IT consulting services. The company provides broadband, voice, video, advanced data and managed network services over a robust 265,000-route-mile U.S. fiber network and a 360,000-route-mile international transport network. Visit CenturyLink at http://www.centurylink.com/ for more information.
The Managed SOC Analyst’s primary function in a 24/7 environment is to provide managed security operations center (SOC) analysis associated with customer monitoring activities using the Splunk SIEM solution and scanning through the processing and management of incident and request tickets, as they are assigned. Some investigation and threat hunting are also in scope. The responsibilities include monitoring alerts, receiving and reviewing escalations from other Tier 1 Analysts, customers, and other internal groups, as well as managing the full incident handling lifecycle with customers. The Analyst is expected to contribute to internal documentation and adherence to SLA targets and requirements. The role includes log monitoring and root cause analysis, and interfacing with clients and associates as needed to resolve complex cases. These Analysts are also expected to participate in, and contribute to planning and implementation of strategic and operational projects in efforts to achieve overall MSS goals. Analysts are expected to be able to troubleshoot problems with little oversight, take ownership and work independently as needed to resolve customer issues.
Duties and Responsibilities
Monitoring the Splunk SIEM solution and performing duties related to continuous process improvement, client escalations, documentation and review.
Monitoring events from various SIEM related tools (i.e. ArcSight, QRadar)
Working with SOC management on integrating with shared managed, multi-tenant SOC environment
Maintain Industry Training – This involves keeping up-to-date on security technologies, threats, and risk mitigation techniques
Case Management – ensuring the case management process is handled efficiently in a timely manner.
SOC Activity Log –creating, reviewing, and maintaining entries, working with other analysts Report Creation – creating temporary or permanent reports for customers, as requested.
Customer Meetings – attending and/or leading customer meetings as part of incident response and incident handling
Training and Mentoring SOC personnel – Security Analysts are responsible for training new SOC employees
Regularly performing tuning and filtering SIEM alerts and monitoring components to ensure only relevant security data is gathered
Projects - May work on security projects as assigned
The Security Analyst is responsible for the following shift duties:
Daily Traffic Review – replaying traffic from previous shifts and reviewing customer reports to ensure potential security incidents were not missed by other Analyst.
Improve their knowledge of the customer environment, intrusion detection, methodologies, and intrusion detection services with the support of on-going training from the analysts and self-study
Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents
Handle event incident response, case management, and customer notification
Providing process and operational improvement suggestions
Review, write, and update documentation (such as SOPs, MOPs, and TTPs)
Daily Case Management – the Security Analyst will review open cases and provide follow up that may be required
Report generation on demand and scheduling using available tools
Able to pass Public Trust Adjudication back ground and credit check
At least 1 years Information Security experience and/or training
Familiarization with Security Incident Event Monitoring solutions
Some knowledge and understanding of scanning and event monitoring
Working knowledge of Linux and syslog from CLI
Proven ability and past experience performing security analysis for information technology is required
Excellent writing and communications skills
Familiarization with a variety of information and network security monitoring tools
Familiarization with defense in depth methodology
Ability to work in a dynamic team oriented environment
Flexible scheduling for 24/7/365 support as needed
Analyst should possess the background and experience necessary to obtain Industry or SOC specific certifications as instructed by management. Possible applicable certifications include, but are not limited to:
CompTIA Security+, ITIL
One plus years of Managed Security Service Provider Tier-1/2 Analyst/Operator Experience (Preferred)
Associates or Equivalent in Information Systems or Other
Alternate Location: US-Colorado-Broomfield; US-Colorado-Denver; US-Colorado-Highlands Ranch; US-Colorado-Littleton
Requisition # : 195410
This job may require successful completion of an online assessment. A brief description of the assessments can be viewed on our website at http://find.centurylink.jobs/testguides/
We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.
The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.