Black Lotus Labs Threat Researcher; APT

About Lumen

Lumen connects the world. We are igniting business growth by connecting people, data and applications – quickly, securely, and effortlessly. Together, we are building a culture and company from the people up – committed to teamwork, trust and transparency. People power progress.

We’re looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future.

Black Lotus Labs is seeking a remote Threat Intelligence Analyst on the Research & Analysis team focused on tracking advanced threats. This team leverages Lumen’s global visibility of one of the world’s largest and most interconnected IP backbones and a petabyte-scale compute cluster to perform cutting edge threat research, hunting and tracking advanced persistent threat actors (APTs) and emerging criminal activity as the threat actors traverse the internet.

They empower customers to stay ahead of the evolving threat landscape.

This is a remote position open to candidates based anywhere in the U.S.

• Conduct threat research across technical data sets, fusing Black Lotus Labs telemetry with third party data sets, to automate detection of the latest threat attacker tools, techniques and procedures (TTPs) with a goal of automating detection.
• Use technical knowledge of adversary capabilities and infrastructure and define, develop, and implement techniques to track sophisticated adversaries, delivering actionable threat intelligence data to Lumen customers.
• Set priority of what threats to analyze and how long to spend on them to maximize the team's impact.
• Lead and enhance threat hunting operations by actively engaging with other research teams, building strong partnerships to achieve shared goals, exploring new data sources, and mentoring team members in executing workflows and solving complex challenges.
• Identify malicious activity in large scale network and endpoint data and scale detection of malicious activity through python-based automations.
• Provide actionable analysis and strategic insights into emerging threats and vulnerabilities, translating complex technical information into actionable intelligence for executive leadership and external stakeholders.
• Contribute to thought leadership initiatives by sharing insights and expertise at security conferences and internal executive briefings.

• Proven experience in threat hunting and in-depth technical security research, demonstrating a track record of successfully identifying, tracking, and disrupting nation-state and cybercriminal threat actors.
• Fluency in advanced threat hunting methodologies, attacker tactics, techniques, and procedures (TTPs), and the ability to derive actionable threat hunts from complex data sets.
• Demonstrated experience building prototype threat hunting solutions and large data analysis tools with Python.
• Experience with telemetry collection including use of OSINT and proprietary endpoint and network data, TTP based threat hunting, and/or developing threat hunt tools that have cross-organization impact on threat visibility, including leading private-public partnerships and multi-company collaborations.
• Proven communication and presentation skills, including the ability to clearly and concisely convey complex technical information to technical audiences.

• Proficiency in malware reverse engineering and incident response.
• Experience presenting at industry conferences and in the media.
• Software development experience in Docker and big data technologies like Hadoop, Spark, and Tensor Flow.

This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors.

Location Based Pay Ranges:

$129,639 - $172,852 in these states: AL, AR, AZ, FL, GA, IA, , IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, and WY.

$136,121 - $181,494 in these states: CO, HI, MI, MN,…