About Lumen Lumen connects the world. We are igniting business growth by connecting people, data and applications - quickly, securely, and effortlessly. Together, we are building a culture and company from the people up - committed to teamwork, trust and transparency. People power progress. We're looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future. The Role We are seeking a skilled and detail-oriented Assistant SOC Manager to support the operations of our multi-tenant Security Operations Center (SOC) within a Managed Security Services Provider (MSSP) environment. This role involves managing SOC analysts, ensuring adherence to SOC policies and procedures, maintaining operational excellence through metrics, and staying ahead of the evolving threat landscape to protect our clients. The Main Responsibilities SOC Operations & Team Managemen Oversee day-to-day SOC operations across multiple client environments, ensuring timely detection, analysis, and response to security incidents. Supervise and mentor SOC analysts, fostering a culture of continuous improvement and technical excellence. Ensure 24/7 coverage and shift coordination, including handover procedures and escalation protocols. Policies, Procedures & Compliance Assist in developing, maintaining, and enforcing SOC policies, standard operating procedures (SOPs), and incident response playbooks. Ensure SOC activities align with regulatory requirements and client-specific compliance frameworks (e.g., ISO 27001, GDPR, PDPA). Conduct periodic reviews and updates of SOC documentation to reflect changes in technology, threat landscape, and client needs. Operational Metrics & Reporting Define and track key performance indicators (KPIs) and service level agreements (SLAs) for SOC operations. Generate and present operational dashboards and reports to internal stakeholders and clients, highlighting incident trends, response times, and SOC effectiveness. Identify areas for improvement based on metrics and drive initiatives to enhance SOC performance. Threat Intelligence & Landscape Awareness Monitor global and regional threat intelligence feeds to stay informed of emerging threats, vulnerabilities, and attack techniques. Collaborate with threat intelligence teams to contextualize threats for MSSP clients and integrate findings into detection and response strategies. Support proactive threat hunting and red/blue team exercises to validate SOC readiness. Client Engagement & Service Delivery Act as a technical point of contact for clients during incident investigations and post-incident reviews. Support onboarding of new clients, including log source integration, rule tuning, and documentation. Ensure consistent and high-quality service delivery across all client engagements. What We Look For in a Candidate Education & Experience: Bachelor's degree in Cybersecurity, Computer Science, or related field. 5 years of experience in cybersecurity, with at least 2 years in a SOC or MSSP environment. Experience in managing or mentoring technical teams and working in client-facing roles. Technical Skills: Proficient in SIEM platforms (e.g., Splunk, QRadar, LogRhythm), EDR tools, and SOAR technologies. Strong understanding of network security, malware analysis, and incident response methodologies. Familiarity with multi-tenant environments and client-specific security requirements. Experience with scripting and automation (e.g., Python, PowerShell) is a plus. Soft Skills: Strong leadership, communication, and interpersonal skills. Ability to manage multiple priorities and client expectations in a fast-paced environment. Excellent analytical and problem-solving abilities. Preferred Certifications: GIAC (e.g., GCIH, GCIA, GCFA), CEH, CISSP, or equivalen Compensation What to Expect Next Requisition : 339494 Background Screening If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page (https://jobs.lumen.com/global/en/faq) . Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Equal Employment Opportunities We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, "protected statuses"). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training. Disclaimer The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions. In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information. Please be advised that Lumen does not require any form of payment from job applicants during the recruitment process. All legitimate job openings will be posted on our official website or communicated through official company email addresses. If you encounter any job offers that request payment in exchange for employment at Lumen, they are not for employment with us, but may relate to another company with a similar name.
