L2 Cyber Security Analyst (Azure)

A travel client based in Woodland Hills is seeking a Level 2 Cyber Security Analyst to join their cybersecurity team, which consists of approximately ten members, including analysts, engineers, and project managers. This role is integral to identifying, analyzing, and responding to security incidents across the organization's Azure-based environment. Key responsibilities include monitoring security alerts, conducting in-depth investigations, and escalating complex threats when necessary. The cloud infrastructure is centered on Microsoft Azure and includes tools such as Microsoft Sentinel, Microsoft Defender for Endpoint (MDE), Cloud Security Posture Management (CSPM), Data Loss Prevention (DLP), Microsoft Baseline Environment (MBE), among others. The analyst will be responsible for executing KQL queries and performing threat hunting within the Microsoft ecosystem. A strong foundation in Azure security services, SIEM tools, and network security principles is essential.

The role’s time allocation is approximately:
• 30% incident response (with a 1-hour SLA)
• 30% validating security posture and risk levels with cross-functional teams
• 20% monitoring the InfoSec mailbox to identify phishing attempts and end-user reports (1-hour SLA)
• 20% supporting ongoing security projects
While critical incidents are rare, they carry a 15-minute SLA. Projects may include achieving NIST 3.0 compliance, enhancing documentation standards, implementing Azure security plugins, and more. This is a hybrid role requiring on-site presence in Woodland Hills, CA three days per week—Monday, Wednesday, and Thursday.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

• 3+ years of cybersecurity experience, specifically in Azure security/Microsoft Sentinel environments
• Proficiency with KQL queries for data exploration, anomaly detection, and pattern analysis (in Sentinel)
○ (Queries and table questions will come up on the interview)
Advanced threat hunting - part of Microsoft Defender for cloud apps

• Exposure to NIST 3.0 framework
• Experience with PCI audits
• Azure certifications
• Experience with AWS CloudWatch and CloudTrail
• Solid understanding of networking, virtual machines, and experience with Palo Alto firewalls
Strong documentation and project management skills using tools like Jira, SharePoint, and ServiceNow
• Experience in enterprise-scale environments (any industry)

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.