LEAD INFORMATION SECURITY ENGINEER

Lumen Technologies
2d · Onsite

About The Position

This position is a senior role implementing Managed Security Services (MSS) in a Federal Security Operations Center (FedSOC) environment. The SOC function is to provide customers with constant monitoring, protection, prevention, and detection services as well as reporting and incident analysis based on events collected from multiple sources. This position will be responsible for providing technical expertise to design and implement DDoS Mitigation for Lumen Federal Customers. This position will provide subject matter expertise to DoD customers on worldwide DDoS threats and issue posture and assessment reports. This Lead Information Security Engineer position operates in a supportive role implementing security, technology, and innovation in the Federal Security Operation Center (FedSOC) environment. The Security Operations Center operates 24x7x365. This role performs security event management functions - monitoring, detection, triage of security events and alerts in associated monitoring systems. Facilitates the ingress, implementation, and egress of advanced client trouble / change requests for the Lumen managed DDoS product. The Lead Information Security Engineer is expected to perform as technical lead, including basic managerial duties, escalation support and on-call. Provides mentoring, training, and escalation support for Junior Engineer SOC personnel.

Requirements

  • Required Education: BS Computer Science or Cyber Security, MS Computer Science or Information Technologies.
  • Candidate must be a US Citizen with an active TOP SECRET clearance.
  • Location is preferred for consideration in this position. Candidates in the following areas will be considered for this position: Washington DC, Maryland, Virginia

Nice To Haves

  • 5-7 years in a Network Operation environment.
  • Additional 5-7 years in a Firewall Operations environment.
  • Experience in large enterprise network operations using BGP.
  • Experience with Cyber Threat Intelligence and interface with intelligence community.
  • Experience with writing reports and making presentations to customers.
  • Expert level certifications in specific security technologies such as Fortinet, Arbor, Radware, Palo Alto, Cisco or Checkpoint.
  • Demonstrated understanding of Denial-of-Service concepts and attack vectors, tools, and mitigation countermeasures.
  • Demonstrated understanding of Web Application Firewall (WAF) attack tools and mitigation techniques.
  • Hands‑on experience or working knowledge of leading Cloud based DDoS mitigation vendors and platforms, including NETSCOUT, Cloudflare, Akamai Prolexic, Radware, Edgio, Amazon Shield, etc.
  • Hands‑on experience or working knowledge of leading Web Application Firewalls (WAF) vendors and platforms, including Cloudflare, Akamai, Radware, Edgio, AWS WAF, Imperva, F5, etc.
  • Expert knowledge of routing and switching in large enterprises.
  • Experience working with VLANs, VRF, BGP, OSPF, EIGRP, RIPv2, IPv4 and IPv6.
  • Expertise in troubleshooting BGP, BGP community strings, prefix-lists, route-maps, local preferences and AS Paths.
  • Review and analyze packet captures.
  • Exhibits deep technical knowledge of TCP/IP, network ports and protocols with awareness of their security implications, attack surfaces, and mitigation strategies.
  • Trace customers or attack traffic through our global backbone.
  • Understand and be able to modify routing and firewall policies/prefix lists on multiple router platforms.
  • Troubleshoot IPsec and GRE tunnel issues and BGP over GRE.
  • Stay abreast of new attack vectors and interface with customers, other SOC engineers, and Operations Engineering regarding new vectors and mitigation techniques.
  • Expert level knowledge and skills of at least one programming language (Python preferred).
  • Preferred Security industry certifications: CCIE R&S, CCIE Security, CCNP Security, CCNA, PCNSA, PCNSE, NSE7, CCSE, JNCIA-SEC, JNCIP-SEC, JNCIE-SEC

Responsibilities

  • Subject Matter Expert (SME) on DDoS attacks, mitigation and threat analysis.
  • DDoS worldwide intelligence collection, analysis, reporting and dissemination.
  • Threat feed research, recommendation, implementation and administration.
  • Interface with DDoS service vendors.
  • Expertise in DDoS attack tools and countermeasures.
  • Perform complex changes within the managed security environment.
  • Manage and resolve customer service faults, outage, and impairment events.
  • Monitor, triage, and respond to alerts for client security events. Investigation and resolution of impairment scenarios on Managed DDoS Security products.
  • Research and implement customer generated change requests for Managed DDoS Security products.
  • Generate incident cases and escalate to Operation Engineering and IPNOC teams in accordance with time and severity-based SLAs.
  • Performs tasks associated with the installation, turn up and maintenance of Lumen security infrastructure.
  • Act as technical expert delivering solutions to clients, internal business, and third-party vendors.
  • Develop enhancements to existing solutions, promote creation of new tools, processes, and applications.
  • Directly support, train and mentor Tier I and II colleagues.
  • Possess exceptional customer service skills.
  • Multi-task during events.
  • Communicate effectively with managers, customers, and vendors.
  • Maintain solid working relationships, including collaborative technical activities with peers.
  • Strong written and verbal communication skills.
  • Analytical and problem-solving skills.
  • Attention to detail with good organizational capabilities.
  • Prioritize with good time management skills.
  • Demonstrate collaboration/cooperation with other Service Assurance teams outside of the SOC (IP/Ethernet, Transport, etc.)
  • Regularly maintain communication with peers and other functional SOC teams on selected collaboration platforms (Teams, Email, phone, etc.)
  • Work within multiple ticketing platforms and accept/update/close tickets in order received.
  • If not previously approved, candidate must be willing to submit for a T/S clearance with SCI.

Benefits

  • Lumen offers a comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing.