Lead Cyber Defense Engineer
Lumen Inc - Indianapolis, IN
Job Description
About Lumen
Lumen connects the world by accelerating business growth through secure and efficient connections among people, data, and applications. We are committed to creating a collaborative culture that values teamwork, trust, and transparency. Join us in transforming the digital landscape and making a meaningful impact.

The Role
As a Lead Cyber Defense Engineer, you will be pivotal in advancing Lumen's incident response capabilities. Your key responsibilities will include developing innovative tools, integrating various security data sources, and creating dynamic environments for swift investigations and threat hunting. This role uniquely combines your technical expertise with incident response knowledge, enabling you to swiftly craft effective solutions in critical situations. You will work closely with Cyber Defense, Threat Intelligence, and Cloud teams to develop impactful capabilities that strengthen Lumen's security posture.

Location
This is a remote position available for candidates nationwide in the U.S.

Main Responsibilities
- Design and implement custom tools to enhance active incident response.
- Build and maintain infrastructure for log analysis, forensics, and threat hunting activities.
- Create automated processes for efficient evidence collection, parsing, and correlation.
- Develop scripts to analyze extensive datasets, including logs and network captures.
- Establish temporary computing environments (VMs, containers, cloud resources) for investigations.
- Integrate systems with SIEMs, EDR platforms, and threat intelligence services.
- Document tools clearly for team accessibility while ensuring rapid development.

What We Look For in a Candidate
- 3+ years of development experience with languages such as Python, Go, Bash, Rust, or similar.
- A minimum of 2 years in incident response, SOC, or security operations.
- An adaptable problem-solver who can provide solutions without exhaustive requirements.
Experience with:
  - Log analysis tools like ELK or Splunk, and custom solutions.
  - Cloud infrastructure experience (AWS/GCP/Azure); familiarity with Infrastructure as Code (IaC) is a plus.
  - Container technologies (basic knowledge of Docker and Kubernetes).
  - Forensic data analysis across different operating systems (Windows/Linux/Mac).
  - Network traffic analysis and related skills.
- Ability to efficiently switch between multiple projects.
- Strong debugging and troubleshooting skills.

Nice to Have
- DFIR certifications (GCIH, GCFA, GNFA).
- Experience in memory forensics (Volatility).
- Familiarity with malware analysis or reverse engineering.
- Understanding of the MITRE ATT&CK framework.
- Previous experience in MSSP, consulting, or in-house incident response teams.

This Role Is For You If...
- You have created tools during critical incidents when existing options fell short.
- You can quickly learn and adapt to new APIs or data formats.
- You possess a genuine interest in incident response investigations beyond coding.

Compensation
We offer a competitive salary structure that varies by state due to market conditions. Salary ranges for various states are as follows:
- $129,639 - $172,852 in states like AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY.
- $136,121 - $181,494 in states including CO, HI, MI, MN, NC, NH, NV, OR, and RI.
- $142,603 - $190,137 in states such as AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, and WA.

Lumen provides a comprehensive benefits package to support your physical, mental, emotional, and financial well-being. Inquire about our bonus structure during the selection process.

Background Screening
All candidates selected for this role will undergo a background screening process, which may include assessments for criminal records and other reports as appropriate for the position. We assess all results on a case-by-case basis.
This position is part of a unionized workforce, subject to collective bargaining agreements. Applicants may be required to join the union or pay dues as a condition of employment, depending on specific circumstances.

Equal Employment Opportunities
We are committed to providing equal employment opportunities regardless of any protected statuses. We do not tolerate discrimination in any employment-related decisions.

Disclaimer
The responsibilities outlined here offer a general overview of the role but are not exhaustive. Duties may evolve based on business needs.
Created: 2026-03-11