Junior DDOS Mitigation Engineer - Remote

About Lumen
Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With 450,000 route fiber miles serving customers in more than 60 countries, we deliver the fastest, most secure global platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about Lumen’s network, edge cloud, security and communication and collaboration solutions and our purpose to further human progress through technology at news.lumen.com, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies.

The Role

Federal SOC Information Security Engineers will provide monitoring, triage, and escalation support for internal Federal SOC and External Customer operations.  The Federal SOC Information Security Engineers will work shifts to provide 24x7x365 coverage. SOC Information Security Engineers will work in tandem with other Information Security Engineers in the Global SOC and Federal NOC Organizations.

The Main Responsibilities

• Review Federal SOC Shift end Summary and SOC activity logs, emails, tickets, cases and other monitoring tools for complete understanding of previous shift activities and incidents with the goal of maintaining the highest level of customer service by keeping track of the critical customer impacting issue.
• Provide monitoring and responding to alerts and events within SLAs.  Services and systems include but not limited to Splunk (internal/external SIEM), DDOS- Distributed Denial of Services mitigation, Firewalls alerts (MTIPS and MSS), TrendMicro Anti-Virus, Tripwire File Integrity Checks, IDS/IPS for customers.
• Monitor multiple ticketing systems and queues. Ensure tickets are created and notated within SLAs.
• Login to phone call queues to answer both internal and external calls. 
• Triage DDOS attacks targeted on Federal Customers and run DDoS Mitigation
• Work closely with FedNOC, the Federal SOC Tier II and Ops Eng teams.
• Escalate issues to Vendors, SOC Tier II and Ops Engineers as soon as there is a need.
• Adhere to all defined processes and procedures.
• Provide process and operational improvement suggestions.

Competency requirements

• Performs a long-term project leadership role working towards the development of new solutions, processes, tools, systems that have company-wide and possibly industry-wide impacts.
• Frequent contact with senior leadership of customers and contractors for the purpose of creating and presenting innovative long-term solutions and managing key relationships.  Acts as a resource within the engineering and scientific communities to develop solutions or handle the most complex tasks for which existing methods and procedures may not apply.
• Provides consultation and advice to Federal customers, engineers and management regarding work functions, processes, methods, procedures, and tools.  Develops and delivers technical and process training, including, documentation in areas of expertise and innovative areas of technology.
   

What We Look For in a Candidate

Have three years operational experience with 3 or more of the following security components.

• Tripwire, TrendMicro, WebInspect, Tenable Nessus and Qualys vulnerability scanners, Splunk, Secure Log Management, Firewalls, Intrusion Detection.
• Demonstrate a curiosity and a security threat hunting mindset.
• Deal with work coming from diverse sources. 
• Diagnose Trip Wire Events, Trend Micro Events, System Events, Network Events from 4 Supported Environments with dissimilar architecture.
• Access systems and restart security application agents.
• Perform Gemalto Token PIN Provisioning, Repair, Revocation, re-provisioning, PIN change, Reset for internal and external Federal Customers. 
• Perform PIN and Token Tests to ascertain Gemalto MFA functionality is working properly.
• Create multi-factor authentication (MFA) reports.
• Perform MFA Token migration between servers.
• Perform user verification in AD Systems as part of user authentication troubleshooting.
• Manually perform MFA systems checks to ascertain operational status.
• Isolate trouble to a system by process of elimination.
• Assemble and direct SWAT teams for Network wide Events.
• Isolate BGP alerts and instruct the Federal NOC, Strat Gov TAC to follow-up on CPE or Circuit Issues.
• Run searches in Splunk Search Heads.
• Review alerts and reports in Splunk.
• Restart scheduled FISMA and STIGaaS Compliance vulnerability Scan or run adhoc Vulnerability Scans.
• Respond to CDM (Continuous Diagnostics and Mitigation) Events. 
• Perform Analytics on events from customer networks per CDM Framework.
• Take inbound call and work Ticket Queue for internal and external customers.
• Manage Perimeter Fortigates and Palo Alto Firewalls in MTIPS, FEDRAMP Gov CCC, Palo Alto with IPS.
• Resolve Customer Firewall Operations related changes and tickets.
• Notify the Lumen FedNOC of a customer Low category event. 
• Notify the Lumen FedNOC of a customer Medium category event. 
• Notify the End User Federal Agency (EUA), and then the Lumen FedNOC, of a customer High Category Event.

Clearance: Government Suitability Clearance up to Top Secret as required.
Certifications: CEH, GIAC Certified Incident Handler (GCIH), CCNA, NSE4.
Education: BS Computer Science or related areas with experience.

Requisition #: 321792

EEO Statement
We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”).  We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.

Disclaimer
The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.  Job duties and responsibilities are subject to change based on changing business needs and conditions.
 

Salary Range

Salary Min :

57600

Salary Max :

128400

This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors.

This position is eligible for either short-term incentives or sales compensation. Director and VP positions also are eligible for long-term incentive. To learn more about our bonus structure, you can view additional information here. We're able to answer any additional questions you may have as you move through the selection process.

As part of our comprehensive benefits package, Lumen offers a broad range of Health, Life, Voluntary Lifestyle and other benefits and perks that enhance your physical, mental, emotional and financial wellbeing. You can learn more by clicking here.

Note: For union-represented postings, wage rates and ranges are governed by applicable collective bargaining agreement provisions.

Salary Range

Salary Min :

57600

Salary Max :

128400

This information reflects the base salary pay range for this job based on current national market data. Ranges may vary based on the job's location. We offer competitive pay that varies based on individual experience, qualifications and other relevant factors. We encourage you to apply to positions that you are interested in and for which you believe you are qualified. To learn more, you are welcome to discuss with us as you move through the selection process.