Job Search Results for threat intelligence analyst

Senior Security Analyst - Threat HunterWe are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal... More opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

As a Cyber Security Analyst on our team, you?ll monitor and analyze threats, using state-of-the-art tools. You?ll use your cyber security skills to monitor, detect, and respond to cyber security... More alerts. You?ll review logs, tool output, and intelligence sources investigate security events, and follow escalation processes. You?ll identify and recommend improvements. You'll prepare reports and informational documents and work in a team environment. You?ll work with the team to understand, mitigate, and respond to threats quickly, restoring operations and limiting the impact. You?ll analyze incidents to figure out just how many systems are affected and assist recovery efforts. You?ll combine threat intelligence, event data, and assessments from recent events, and identify patterns to understand attackers? goals to stop them from succeeding. This is a great opportunity to hone your cyber security skills with hands-on experience in threat assessment and incident response.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

An employer in the Galleria area of Houston, Texas is seeking a Lead SOC Analyst to join their team. They currently have a global SOC team and are trying to mimic the structure they have in... More Australia. Right now, there are 2 Leads in Houston overseeing the international team (North and South America) and this person will take the 3rd Lead spot. Their hours will be Monday-Friday 8A-5:30 PM and must sit onsite 3 days a week (their choice of day). Right now, the team works 9/80s and will be off every other Friday. The general rule, is 60% working in office and 40% working from home. This can change depending on what is going on with the team. Most people are onsite 3 days a week. They do allow flexibility as well - this is to be discussed with the manager ahead of time. They will also be on an on-call rotation every 3 weeks and their shift is Thursday-Thursday. They do a follow the sun schedule and pass off to the team in Australia accordingly. This person will be responsible for helping lead a team of 5+ SOC analysts and needs to have experience managing and mentoring junior analysts. This person will be the first escalation point for all major incidents. They need to have extensive threat intelligence review and assessment experience, strong vulnerability management experience and great written and verbal communication as they will provide communication reviews. This position pays between $70-$80/hr depending on skillset and experience.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Senior Security Analyst - Detection EngineeringDetection Engineering Experience?8+ years of experience in cybersecurity, with at least 3+ years focused on detection engineering, threat detection, or... More security analytics?Proven experience designing, implementing, and maintaining high fidelity security detections across multiple telemetry sources?Strong understanding of how attacker behaviors manifest in logs, events, and telemetry across enterprise environmentsDetection Design & Framework Alignment?Demonstrated experience building detections aligned to MITRE ATT&CK, focusing on behavior based rather than signature only detection?Ability to perform detection gap analysis and systematically improve coverage, quality, and resilience of detection content?Experience validating detections through testing, simulation, or retrospective analysis [Security O...n Engineer | Word]Security Tooling & Query Languages?Hands on experience with SIEM and EDR platforms, including ingesting and querying large volumes of security telemetry?Strong proficiency writing detection logic using KQL and working with Microsoft Sentinel/Defender?Experience using scripting languages such as Python, PowerShell, Bash, or JavaScript to support detection and automation workflowsAutomation & SOAR?Experience designing and implementing security automation using SOAR platforms to reduce manual effort and improve response consistency?Ability to automate alert enrichment, triage, IOC lookups, and ticketing workflows using Logic Apps?Experience integrating SIEM, EDR, threat intelligence, and case management systems into cohesive workflowsOperational Collaboration?Strong collaboration with SOC analysts, Incident Response, and Threat Intelligence teams to ensure detections are actionable and operationally effective?Ability to support incident response by providing deep technical insight into detections, telemetry, and attacker behaviorsOriginal contract set for 5 months with the opportunity to extendWe are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

The Cybersecurity Analyst will be responsible for safeguarding the organization?s information systems, infrastructure, and data through proactive monitoring, analysis, and in supporting the... More implementation of advanced security solutions. This position plays a vital role in maintaining a secure technology environment by leveraging tools such as Cisco XDR, Cisco Firepower, Cisco Endpoint, Cisco ASA, Fortinet Gateways, and Duo MFA.The ideal candidate will possess 3?5 years of hands-on experience in network and server hardening, threat detection and response, and disaster recovery planning and execution. Working closely with IT operations, this role ensures that all systems are resilient, compliant, and protected against evolving cyber threats.Key ResponsibilitiesSecurity Operations & Monitoring? Implement, configure, and manage Cisco XDR, Cisco Endpoint Security, and Fortinet Gateways to ensure proactive threat detection and response.? Monitor network and endpoint activities for security incidents using advanced SIEM and XDR tools.? Investigate, analyze, and respond to security breaches, threats, and vulnerabilities.Network & Infrastructure Security? Manage and maintain Cisco Firepower and Cisco ASA firewalls to ensure secure and efficient traffic management.? Administer Duo Multi-Factor Authentication (MFA) for secure user access and identity protection.? Perform network hardening to reduce the attack surface, following best practices and compliance standards.Server & System Hardening? Conduct server hardening across Windows and Linux systems, ensuring compliance with internal and regulatory standards.? Review and implement secure configurations, patch management, and vulnerability remediation.Disaster Recovery & Continuity? Participate in DR drills and testing to validate readiness and response effectiveness.Policy, Documentation & Compliance? Maintain up-to-date documentation of network security configurations, standards, and incident response procedures.? Support compliance initiatives (e.g., NIST, ISO 27001, or CIS Controls) through audits and reporting.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is seeking an IS Analyst to join the IT department of an AM 200 law firm. The Information Security Analyst plays a key role in protecting the firm?s digital assets, client data, and... More case-related information by implementing and maintaining security controls in alignment with the ISO 27001 Information Security Management System (ISMS). The analyst will proactively monitor, detect, and respond to security threats; ensure compliance with legal industry data protection standards; and support ongoing risk and compliance initiatives. This role is essential for maintaining client trust, ensuring the confidentiality of privileged information, and meeting both ethical and regulatory obligations in the legal sector.Essential Functions & Responsibilities:-Security Monitoring & Incident ResponseMonitor networks, systems, and endpoints for potential threats using SIEM, EDR, and IDS/IPS tools.-Analyze security alerts, investigate incidents, and coordinate timely response and remediation.Conduct root cause analyses and prepare post-incident reports.-Maintain and test the Incident Response Plan as part of ISO 27001 continuous improvement.Participate in legal hold or eDiscovery-related security reviews when required.-Risk Management & ISO 27001 AlignmentSupport the firm?s Information Security Management System (ISMS) and contribute to maintaining ISO 27001 certification.-Conduct periodic risk assessments, identifying potential threats to confidentiality, integrity, and availability of legal data.-Document and monitor risk treatment plans and corrective actions.-Participate in internal and external ISO audits by providing evidence and maintaining control documentation.-Contribute to the ongoing maintenance of the Firm?s risk register.-Seek out opportunities for continuous improvement in processes and procedures.-Vulnerability Management & Threat Intelligence-Perform regular vulnerability scans and coordinate remediation with IT and service providers.-Monitor industry-standard threat intelligence sources, cybersecurity forums, and dark web feeds for emerging risks, vulnerabilities, and threat actor activities targeting the legal sector.-Track and report vulnerabilities relevant to law firms, third-party vendors, and legal technology platforms (e.g., document management systems, case management tools).-Track and report on patch-management activity to be sure it aligns with required standards.Stay informed on evolving attack vectors such as business email compromise, ransomware, and data exfiltration threats impacting professional services firms.-Governance, Policy, and ComplianceDevelop, maintain, and enforce security policies, procedures, and standards in accordance with ISO 27001 Annex A controls and policy lifecycle.-Ensure adherence to data privacy laws (e.g., GDPR, CCPA) and client contractual obligations.Collaborate with legal teams to align information security practices with attorney?client privilege requirements and ethical obligations.-Support third-party vendor risk assessments and due diligence processes.-Security Awareness & Continuous Improvement-Support the firm?s security awareness training program and conduct periodic phishing simulations.-Educate staff on secure handling of confidential documents and client communications.-Contribute to the continuous improvement cycle of the ISMS by identifying opportunities for control enhancement.-Keep up to date with the latest developments in cybersecurity, privacy law, and ISO frameworks.-Access Control & Data ProtectionManage and review access controls, ensuring least privilege and role-based access models are enforced.-Monitor privileged accounts and perform periodic user access reviews.-Work with IT to secure document repositories, collaboration tools, and cloud-based applications.-Review and act as needed to on data loss prevention alerts from various tools.Technical Skills:Experience with ISO 27001, NIST CSF, or CIS Controls.Proficiency with SIEM platforms (e.g., Splunk, Sentinel, LogRhythm).Strong understanding of network protocols, IDS/IPS, and endpoint security.Familiarity with vulnerability management tools (e.g., Qualys, Nessus) and ticketing workflows.Knowledge of encryption, DLP, and secure file transfer solutions used in legal environments.Understanding of cloud security concepts (Microsoft 365, Azure, or AWS).Familiarity with scripting/automation tools and techniques.Knowledge of EDR/XDR solutions and providers.This is a full-time hybrid role, sitting 2 days in office each week in any of the firm's following offices: Baltimore, Boston, Chicago, Ft. Lauderdale, Harrisburg, Miami, Minneapolis, Newark, New York City, Philadelphia, Princeton, Wayne, PA, West Palm Beach, Wilmington, DE or Washington, D.C.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is actively hiring multiple Cyber Network Operators and Exploitation Analyst (Blue Team and Red Team) to join our team supporting a large Intelligence Program out of Fort Meade. The... More selected candidates will work on a team of Senior Analyst providing a wide range of Computer Network Operations (CNO) including Defensive Cyber Operations, Offensive Cyber Operations, and Exploitation Operations. Candidates should have s strong hands on experience with tools such as DataXplorer, XKS, UTT, etc. as well as tools such as Snort, Bro, Metasploit, etc. specifically performing Computer Network Operations. Salaries offered will be based on candidates level of expertise, education, and clearance level; but likely fall between 175K - 300KWe are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is actively hiring multiple Cyber Network Defense and Exploitation Analyst (Blue Team and Red Team) to join our team supporting a large Intelligence Program out of Fort Meade. The... More selected candidates will work on a team of Senior Analyst providing a wide range of Computer Network Operations (CNO) including Defensive Cyber Operations, Offensive Cyber Operations, and Exploitation Operations. Candidates should have s strong, hands on background in similar type environments, and have hands on experience with multiple intelligence tools, classified and unclassified cyber tools, and experience performing hands on Cyber Operations. An active TS/SCI with CI Polygraph is required for this position. Fullscope Polygraph is highly preferredSalaries offered will be based on candidates level of expertise, education, and clearance level; but likely fall between 150K - 300KWe are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less

Insight Global is seeking a Senior Security Integration Engineer (Elastic Stack) to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES)... More contract. The right candidate will possess advanced expertise in logging architecture, SIEM design, data normalization, and systems integration. Job Responsibilities:? Onboarding, integrating, and optimizing security data sources into the Elastic Security Platform. ? Collaborate with customer technical teams to map their environment, plan ingestion strategies, update network and data flow diagrams, validate logging pipelines, and ensure successful end-to-end SIEM integration. ? Conduct assessments of customer environments and identify required logging, telemetry, and network visibility gaps. ? Translate customer operational requirements into ingestion roadmaps and technical implementation plans. ? Develop, maintain, and version-control network diagrams, data flow diagrams, and SIEM onboarding documentation. ? Produce runbooks, integration guides, and operational reference materials. ? Monitor ingestion health and coordinate issue resolution with customers and internal teams. ? Ensure adherence to security policies, logging standards, and architectural governance. ? Provide technical guidance and mentorship to junior engineers working on data ingestion and SIEM onboarding tasks. ? Contribute to onboarding playbooks, best practices, and internal training sessions. ? Serve as a subject-matter expert on Elastic SIEM capabilities and logging integration patterns. This is a contract to hire position, onsite full-time in Colorado Springs, CO or Huntsville, AL the salary range for this role is between $62 - 72/hr depending on years and level of experience, education, and certifications. This role requires an Active Secret Clearance. Typical benefits offered include flexible work schedules, educational reimbursement, retirement benefits (401K match), employee stock purchase plan, health benefits, tax saving options, disability benefits, life and accident insurance, voluntary benefits, paid time off and paid holidays, and parental leave.We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.Less