Lumen delivers the most secure platform for applications and data to help businesses, government and communities deliver amazing experiences. The Federal SOC Information Security Engineer I will provide monitoring, triage, and escalation support for internal Federal SOC and External Customer operations, ensuring high levels of customer service and security.
Review the SOC shift-end summary and SOC activity logs, emails, tickets, cases and other monitoring tools for a complete understanding of previous shift activities and incidents, with the goal of maintaining the highest level of customer service by keeping track of critical customer-impacting issues.
Monitor and respond to alerts and events within SLAs. Services and systems include, but are not limited to, Splunk (internal/external SIEM), firewall alerts (MTIPS and MSS), TrendMicro Anti-Virus, Tripwire file integrity checks, and IDS/IPS for customers.
Monitor multiple ticketing systems and queues. Ensure tickets are created and notated within SLAs.
Log in to phone call queues to answer both internal and external calls.
Work closely with FedNOC, the Federal SOC Tier II and Ops Eng teams.
Escalate issues to vendors, SOC Tier II and Ops Engineers as soon as there is a need.
Adhere to all defined processes and procedures.
Provide process and operational improvement suggestions.
Performs a long-term project leadership role working towards the development of new solutions, processes, tools, and systems that have company-wide and possibly industry-wide impacts.
Frequent contact with senior leadership of customers and contractors for the purpose of creating and presenting innovative long-term solutions and managing key relationships. Acts as a resource within the engineering and scientific communities to develop solutions or handle the most complex tasks for which existing methods and procedures may not apply.
Provides consultation and advice to Federal customers, engineers and management regarding work functions, processes, methods, procedures, and tools. Develops and delivers technical and process training, including documentation in areas of expertise and innovative areas of technology.
Qualifications
Required
Tripwire, TrendMicro, WebInspect, Tenable Nessus and Qualys vulnerability scanners, Splunk, Secure Log Management, firewalls, intrusion detection.
Ability to diagnose Tripwire events, Trend Micro events, system events, and network events from 4 supported environments with dissimilar architecture.
MFA provisioning, repair, revocation, re-provisioning, reporting, and troubleshooting experience.
Diagnose and identify reports and alerts within Splunk.
Isolate BGP alerts and notify the customer and other operational teams of an event.
Perform analytics on events from customer networks per the CDM Framework.
Experience working out of a ticket queue and receiving inbound customer calls.
Experience managing FortiGate and Palo Alto firewalls.
Equivalent educational experience.
Clearance: Government Suitability Clearance required.