Who Can Apply
- Candidates must be legally authorized to work in Canada
Job Description
Insight Global is looking for a Level 1 SOC Analyst to support a 24/7 Global SOC Team that operates in three shifts (6 am - 2pm, 2pm - 10pm, 10pm - 6 am). The selected resource will be responsible for conducting preliminary incident triage according to the Security Incident Management Triage Matrix and prioritize / escalate as appropriate. The selected resource will be providing support for security incidents coordination with SOAR platform and providing recommendations for next steps.
Required Skills & Experience
* 0-2 years of security analyst experience, preferably in a managed services environment.
Must hold a Government issued Secret Clearance (Level II)
* Basic experience with operation of commonly used information security solutions (with focus on Splunk, QRadar, Crowdstrike, Sentinel, TrendMicro)
* Base technology knowledge of Windows, Active Directory, Linux, SIEM Solutions, Antivirus software, Proxy
* Strong knowledge of current security threats, techniques, and landscape, and a dedicated and self-driven desire to research and learn more about the information security landscape.
* Review and triage experience with endpoint detection and response tools
* Experience and knowledge related to the configuration and maintenance of security monitoring and reporting platforms.
* Strong analytical skills, decision making, being able to work under time pressure, cooperating with other people and using the escalation processes when necessary.
Nice to Have Skills & Experience
* A minimum of 5 years hands on experience with one or more of the following areas:
o Operation and Implementation of SIEM solutions including:
QRadar or Splunk and Microsoft Sentinel.
o Operation and Implementation of Security Automation solutions including:
Thorough knowledge of SOAR (Security Orchestration Automation & Response) technologies.
o Desing and Implementation of Monitoring strategy including:
Thorough knowledge on defining data sources monitoring based on clients' business
Thorough knowledge on MITRE Frameworks (ATT&CK, D3FEND)
Familiar with Cyber Kill Chain
o Desing and Implementation of Configuration Governance solutions including:
Thorough knowledge on how to operationalize ongoing security configuration governance service using SOC standard methodologies, metrics, KPIs, KRIs, Operational Procedures.
o Cyber Network Operations/Penetration Test Methodologies and tools like Metasploit, Kali Linux, Cobalt Strike etc.,
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.