Senior Cyber Defense Engineer

About Lumen Lumen connects the world by facilitating rapid business growth through secure, efficient connections among people, data, and applications. We are focused on building a collaborative culture that emphasizes teamwork, trust, and transparency. Join us in digitally transforming the world and making a significant impact. The Role As a Senior Cyber Defense Engineer, you will play a crucial role in enhancing Lumen's incident response efforts. Your responsibilities will include developing innovative tooling, integrating a variety of security data sources, and creating on-demand environments that expedite investigations and threat hunting. This position merges engineering acumen with incident response expertise, allowing you to turn urgent needs into effective solutions without waiting for exhaustive specifications. You'll collaborate closely with Cyber Defense, Threat Intelligence, and Cloud teams to develop rapid and high-impact capabilities that fortify Lumen's security framework. Location This is a remote position available for candidates nationwide in the U.S. Main Responsibilities Design and implement custom tools to aid in active incident response. Build and manage infrastructure for log analysis, forensics, and threat hunting activities. Create automation processes for efficient evidence collection, parsing, and correlation. Develop scripts to handle and analyze large datasets, including logs and network captures. Establish temporary computing environments (VMs, containers, cloud resources) during investigations. Integrate systems with SIEMs, EDR platforms, and threat intelligence services. Document tools adequately for team accessibility while preserving development speed. What We Look For in a Candidate 3+ years of development experience with languages such as Python, Go, Bash, Rust, or similar. A minimum of 2 years in incident response, SOC, or security operations. An adaptable problem-solver who can create solutions without comprehensive requirements. Experience with: Log analysis tools like ELK or Splunk, and custom solutions. Cloud infrastructure experience (AWS/GCP/Azure); familiarity with Infrastructure as Code (IaC) is a plus. Containerization technologies (basic knowledge of Docker and Kubernetes). Forensic data analysis from various operating systems (Windows/Linux/Mac). Network traffic analysis and related skills. Adeptness at swiftly transitioning between multiple projects. Strong debugging and troubleshooting abilities. Nice to Have DFIR certifications (GCIH, GCFA, GNFA). Experience in memory forensics (Volatility). Familiarity with malware analysis or reverse engineering. Knowledge of the MITRE ATT&CK framework. Previous experience working in MSSP, consulting, or in-house incident response teams. This Role Is For You If... You’ve developed a tool in urgent moments during incidents because existing solutions didn’t meet your needs. You can quickly learn new APIs or data formats. You hold a genuine interest in incident response investigations beyond just the coding aspect. Compensation We offer a competitive salary, with ranges varying based on the state due to market conditions. Please see below for the approximate salary ranges based on location: $129,639 - $172,852 in states such as AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY. $136,121 - $181,494 in states including CO, HI, MI, MN, NC, NH, NV, OR, and RI. $142,603 - $190,137 in states like AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA. Lumen provides a comprehensive benefits package to support your physical, mental, emotional, and financial well-being. Feel free to inquire about our bonus structure during the selection process. Background Screening Candidates selected for this position will undergo a background screening process that may include assessments for criminal records and other reports as appropriate for the role. We consider all results on a case-by-case basis. This position is part of a unionized workforce, subject to collective bargaining agreements. Applicants may be required to join the union or pay dues as a condition of employment, depending on specific circumstances. Equal Employment Opportunities We are committed to equal employment opportunities regardless of various protected statuses. Discrimination in any employment-related decisions is not tolerated. Disclaimer The duties outlined herein provide a general overview of the role but are not exhaustive. Responsibilities may evolve due to business needs.

Created: 2026-03-07