Sr. Director, Cybersecurity Threat Detection – Remote


About Lumen

Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With 450,000 route fiber miles serving customers in more than 60 countries, we deliver the fastest, most secure global platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about Lumen’s network, edge cloud, security and communication and collaboration solutions and our purpose to further human progress through technology at, LinkedIn: /lumentechnologies, Twitter: @lumentechco, Facebook: /lumentechnologies, Instagram: @lumentechnologies and YouTube: /lumentechnologies.

The Role

The Sr. Director of Global Security Operations directs all security operations functions 24×7 across all of Lumens revenue-generating security capabilities, including DDoS (Distributed Denial of Service), managed firewalls, federal programs, hosted security, specialized customer operations, Security Log Management (SLM), and new managed security offers. This leader will oversee all teams that make up the “Security Operations Center” (SOC) functions, including daily threat detection and resolution, customer ticketing, engineering operations (EngOps), automation, threat hunting, and incident response.

As the Sr. Director of Global Security Operations, you will lead the Global Security Operations Center (SOC) for all of Lumens revenue-generating products and be a part of the Security Products organization. Lumen’s Global SOC is made up of functional teams that deliver the following capabilities:

Security automation

Global security operations monitoring for all active offers

Activations and Engineering

ServiceDesk and Reporting

The Main Responsibilities

You are accountable for the triage, analysis, and investigation of all cyber security incidents ensuring containment and eradication is achieved. You will also help lead security incidents and data breach investigations and handle post- incident reporting to customers. Your responsibilities include, but are not limited to:

Oversee all regional teams that analyze and monitor the information assets across Lumen. Ensure that the teams are globally consistent and locally adaptable.

Implement an operating model for holistic delivery of service to customers who subscribe to multiple Lumen offers and coordinate closely to peer service leaders in support of customer outcomes.

Direct your team to identify, track and remove impediments to improve our visibility, monitoring, and investigation capabilities.

Lead security incident and data breach investigations and handle post-incident reporting in urgent or critical situations.

Translate the lessons learned from a security incident or data breach to improve our program or address control deficiencies.

Anticipate, own, and resolve customer escalations to keep customer confidence, renewals, and year-over-year expansion of subscriptions.

Oversee and support delivery of customer reporting, both automated and in customer meetings in Quarterly Business Reviews (QBRs)

Implement a maturity model to measure the incident detection and response capability and identify capability gaps in all support environments over time.

Develop roadmaps, set objectives, and choose initiatives that support the goals of improving capability maturity.

Demonstrate alignment on and execution of functional and team-level goals.

Develop metrics for reporting purposes and drive specific actions, including measuring and improving operational effectiveness and performance and determining detective control effectiveness and coverage.

What We Look For in a Candidate

You are skilled in cyber threat detection and response. You present a calm, informed demeanor when engaging executives and customers. You embody accountability and ownership, both for yourself and for those you lead. You have a successful record of building and leading security operations teams in your career and can demonstrate success both quantitatively and extemporaneously. You are focused on customer outcomes, know how to establish organization accountability to deliver them, and lead your teams to deliver and demonstrate confidence in cyber security.


10 years in cybersecurity threat detection and response

5 years establishing and leading cybersecurity operations teams

Must be able to quantitatively demonstrate success implementing automation for threat detection and response

Experience consolidating, growing, and leading global teams across multiple functional disciplines

Experience delivering accountable operations in a DevOps organization

Experience managing budget targets and optimizing spend, including automation and global labor arbitrage

BS/BA required

10 years of experience in management, leadership, and strategic planning

Experience with XDR (eXtended Detection and Response), ServiceNow, QRadar, IBM (International Business Machines) SOAR (Security Orchestration, Automation and Response), XSOAR, Ansible, and Splunk is desired

Experience with artificial intelligence in threat detection and response

Requisition #: 329099

When applying for a position, you may be subject to a background screen (criminal records check, motor vehicle report, and/or drug screen), depending on the requirements for the position. More information on what’s included in these checks can be found in the Post Offer section of our FAQ page ( . Job-related concerns noted in the background screen may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis.

EEO Statement

We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assignments or training.


The above job definition information has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Job duties and responsibilities are subject to change based on changing business needs and conditions.

Salary Range

Salary Min :


Salary Max :


This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors.

This position is eligible for either short-term incentives or sales compensation. Director and VP positions also are eligible for long-term incentive. To learn more about our bonus structure, you can view additional information here. ( Were able to answer any additional questions you may have as you move through the selection process.

As part of our comprehensive benefits package, Lumen offers a broad range of Health, Life, Voluntary Lifestyle and other benefits and perks that enhance your physical, mental, emotional and financial wellbeing. You can learn more by clicking here. (

Note: For union-represented postings, wage rates and ranges are governed by applicable collective bargaining agreement provisions.