CenturyLink (NYSE: CTL) is the second largest U.S. communications provider to global enterprise customers. With customers in more than 60 countries and an intense focus on the customer experience, CenturyLink strives to be the world’s best networking company by solving customers’ increased demand for reliable and secure connections. The company also serves as its customers’ trusted partner, helping them manage increased network and IT complexity and providing managed network and cyber security solutions that help protect their business.
The Information Assurance Analyst role reports to the Information Assurance Managers supporting multiple 24x7x365 geographically separated Network Operations Center (NOC). The Information Assurance Analyst works in a shift work environment that requires security minded individual with good understanding network security posture and network security tools including firewalls, intrusion detection and prevention technology, threat and vulnerability management tools, data loss prevention tools, filtering technologies, traffic inspection solutions, reporting technology, audit reduction and report generating tools, and data analytics platforms. The Information Assurance Analyst role is responsible for monitoring a network and responding to identified alerts and incidents. The response typically occurs in three stages: detection and analysis, remediation, and reporting and documentation. The role requires a firm knowledge of SIEM tools to help aggregate security events and generate alerts for analysts to investigate.
- The role support both Tier 1 and Tier 2 operations.
- Monitor SEIM tools, IPS/IDS, Firewall, event logs, security logs, and additional security tools as required.
- Utilize knowledge and experience to identify, troubleshoot, and resolve simple and complex security incidents quickly and effectively
- Correlate, validate, and respond to security incidents or alerts and take appropriate action to document and escalate incidents in trouble ticketing system
- Responsible for auditing systems to verify compliance with government requirements and current security posture
- Use threat intelligence such as updated rules and Indicators of Compromise (IOCs) to pinpoint affected systems and the extent of an incident.
- Analyzes running processes and configs on affected systems. Carries out in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted
- Conduct vulnerability scans and evaluate results to determine proper remediation actions.
- Create and implements a strategy for containment and recovery
- Create and update Standard Operation Procedures
- Troubleshoot and analyzes security software/system tools to ensure compatibility and integration with hardware systems
- Work assigned shift: day, swings, or mids
- Provides after-hours support on an on-call basis, as required
- Perform other duties as assigned.
- Estimated 15% of time is travel; however, the amount of travel is dependent on the current mission requirement and operations environment
- Top Secret/SCI clearance mandatory
- DoD 8570 IAT Level II certification or above required
- Associates degree in Cyber or Security related field or 2 years’ applicable work experience in SOC environment
- Experience with accreditation of DoD information systems and knowledge of NIST Special Publication 800-53, “Security and Privacy Controls for Federal Information Systems and Organizations” and NIST Special Publication 800-37, "Guide for Applying the Risk Management Framework to Federal Information Systems,"
- Experience with Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS) and Security Information and Event Management (SIEM) Tools
Alternate Location: US-Colorado-Colorado Springs
Requisition #: 222199
This job may require successful completion of an online assessment. A brief description of the assessments can be viewed on our website at http://find.centurylink.jobs/testguides/
We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.
The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.