The Cyber Security Senior Analyst will help the team to perform Security Operations Center (SOC) duties, which include incident response, malware analysis, and monitoring. This role will work with the team and become a senior technical contributor to implement and apply technologies, processes, and practices designed to protect networks, devices, and data from malicious attack, damage, or unauthorized access.
Conduct threat analysis, assessment, and malware analysis in support of security investigations and incident response processes.
Lead investigations into security incidents escalated from lower-tier SOC analysts.
Provide technical mentorship to Tier 1 and Tier 2 SOC analysts, sharing knowledge on incident response, threat detection, and advanced cybersecurity techniques.
Conduct root cause analysis and identify containment and remediation actions.
Recognize and research attacker tools, tactics, and procedures (TTP) in indicators of compromise (IOCs) that can be applied to current and future investigations.
Build internal scripts, tools, and automation processes to enhance detection and response capabilities.
Collaborate with technical and business teams to drive SOC initiatives acting as the SME.
Conduct threat hunting activities to proactively identify potential threats and vulnerabilities within the network.
Develop and maintain SOC runbooks and documentation to ensure consistent and effective processes.
Participate in security audits and assessments to ensure compliance with industry standards and regulations.
Provide after-hour support as needed and participate in on-call rotation.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
Bachelors degree in cybersecurity, computer science, information technology, or related field.
5+ years experience in a Security Operations Center or Technical Incident Response role.
Strong knowledge of incident response methodologies, including NIST 800-61.
Proven track record of handling advanced and complex security incidents.
Demonstrated experience in computer security-related disciplines such as incident response, host forensics, malware analysis, container security, network traffic analysis, Insider Threat, alert tuning, and trend analysis.
Strong knowledge of cloud security in Azure, AWS, GCP.
Extensive experience working with security tools such as Azure Sentinel, Splunk, Microsoft Defender Security Suite, firewalls, IDS/IPS, antispam, content management, server and network device hardening, etc.
Strong understanding of security concepts and threat categories (such as malware, phishing attacks, Defense-in-Depth, MITRE ATT&CK framework, Cyber Kill Chain, etc.).
Strong knowledge of Windows, Linux, and Mac OS
Advanced Experience with query languages such as KQL and SPL
Experience with scripting languages such as Bash, PowerShell, or Python.
Experience in using security orchestration, automation, and response tools.
The ability to effectively communicate both verbally and in writing to audiences of different technical skill levels.
Strong analytical and troubleshooting abilities to investigate, identify, and resolve security incidents quickly and effectively.
Capability to remain calm, composed, and focused during high-pressure situations, ensuring a clear and effective incident response.
Knowledge of security frameworks and standards such as ISO 27001, PCI DSS, and NIST.
Ability to conduct forensic analysis of network packet captures, DNS, proxy, and host-based security logs.
Experience with cloud security posture management (CSPM) tools and practices.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.