CenturyLink Sr Operations Analyst in Minneapolis, Minnesota

CenturyLink (NYSE: CTL) at http://www.centurylink.com is a global communications and IT services company focused on connecting its customers to the power of the digital world. CenturyLink offers network and data systems management, big data analytics, managed security services, hosting, cloud, and IT consulting services. The company provides broadband, voice, video, advanced data and managed network services over a robust 265,000-route-mile U.S. fiber network and a 360,000-route-mile international transport network. Visit CenturyLink at http://www.centurylink.com/ for more information.

Job Description

The Managed Sr. SOC Analyst’s primary function is to provide Managed Security Operations Center (SOC) analysis associated with customer monitoring activities using Tenable’s Security Center, Log Correlation Engine (LCE) and scanning, through the processing and management of incident and request tickets as they are assigned. Some investigation and threat hunting are also in scope. The responsibilities include monitoring alerts, receiving and managing escalations from Tier 1 Analysts, customers, and other internal groups, and managing the full incident handling lifecycle with customers. The Analyst is expected to contribute to internal documentation and to adhere to SLA targets and requirements. The role includes log monitoring and root cause analysis, and interfacing with clients and associates as needed to resolve complex cases. These Analysts are also expected to participate in, and contribute to, the planning and implementation of strategic and operational projects in efforts to achieve overall MSS goals. Analysts are expected to be able to troubleshoot problems with little oversight, take ownership and work independently as needed to resolve customer issues.

Duties and Responsibilities

  • Monitoring Tenable’s Security Center and related modules (i.e. LCE) and performing duties related to continuous process improvement, client escalations, documentation and review.

  • Monitoring events from various SIEM-related tools (i.e. Splunk, QRadar)

  • Working with SOC management on integrating with a shared, managed, multi-tenant SOC environment

  • Maintain Industry Training – This involves keeping up-to-date on security technologies, threats, and risk mitigation techniques

  • Case Management – ensuring the case management process is handled efficiently in a timely manner.

  • SOC Activity Log – creating, reviewing, and maintaining entries, working with other analysts

  • Report Creation – creating temporary or permanent reports for customers, as requested.

  • Customer Meetings – attending and/or leading customer meetings as part of incident response and incident handling

  • Training and Mentoring SOC personnel – Security Analysts are responsible for training new SOC employees

  • Regularly tuning and filtering SIEM alerts and monitoring components to ensure only relevant security data is gathered

  • Projects - May work on security projects as assigned

Shift Responsibilities

  • incidents were not missed by other Analyst.

  • Improve their knowledge of the customer environment, intrusion detection, methodologies, and intrusion detection services with the support of ongoing training from the analysts and self-study

  • Review SOC Activity log, cases and other monitoring tools for complete understanding of previous shift activities and incidents

  • Handle event incident response, case management, and customer notification

  • Providing process and operational improvement suggestions

  • Review, write, and update documentation (such as SOPs, MOPs, and TTPs)

  • Daily Case Management – the Security Analyst will review open cases and provide follow up that may be required

  • Report generation on demand and scheduling using available tools

Qualifications

  • Willing and able to pass Public Trust Adjudication background and credit check

  • At least 2-3 years Information Security experience and training

  • At least 1-2 years of operational experience with Tenable’s Security Center, LCE and Nessus scanning

  • Working knowledge of Linux and syslog from CLI

  • Proven ability and past experience performing security analysis for information technology is required

  • Excellent writing and communications skills

  • Working knowledge of Tenable Security Center and Splunk

  • Familiarization with a variety of information and network security monitoring tools (Barracuda solutions, Palo Alto UTMs, Trend Micro solutions, among others)

  • Familiarization with defense in depth methodology

  • Ability to work in a dynamic, team-oriented environment

  • Flexible scheduling for 24/7/365 support as needed

  • Analyst should possess the background and experience necessary to obtain Industry or SOC specific certifications as instructed by management. Possible applicable certifications include, but are not limited to, CompTIA Security+, CEH, ECSA, ECIH, CSA+, ITIL, CCNA, and Linux

  • Work Experience: Three plus years of Managed Security Service Provider Tier-1/2 Analyst/Operator Experience (Preferred)

Education

Bachelor's or equivalent in Computer Science or Information Systems

Alternate Location: US-Minnesota-Minneapolis; US-Minnesota-St Paul

Requisition # : 192208

This job may require successful completion of an online assessment. A brief description of the assessments can be viewed on our website at http://find.centurylink.jobs/testguides/

EEO Statement

We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.

Disclaimer

The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.