Tier 2 SOC Analyst

This person will be handling all Tier 2 escalations for the SOC Team. They will monitor for threats, analyze, and notify customer. They will be working in a 24x7 Security Operation Center (SOC) environment. They will complete a Security Log analysis to detect attack origin, attack spread, attacker details, incident details. This person will be responsible for Incident Response when analysis confirms actionable incident as well as analyzing and responding to previously undisclosed software and hardware vulnerabilities. Daily tasks include investigating documenting, and reporting on incidents. They will integrate and share information with other analysts and other teams as well as completing other tasks and responsibilities as assigned. This person will have to interface with customers daily to consult with them on best security practices and help them mature their security

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

4-5 years of relevant experience in cybersecurity

Strong analytical and technical skills in computer network defense operations

Incident response Handling (Detection, Analysis, Triage, Recommendations)

Performing advance investigation of security incidents (reported by L1 & L2 Analyst) using tools and technologies (Splunk, Paloalto, PPT, Zingbox, EDR etc)

Prepare weekly SOC incident debrief for management & client executive summary report.

Review and support new use-case & fine tuning, create and maintain process document and SOP.

Identifying new use-case scope, finetuning scope and give suggestions.

Identify the devices with no use-case in splunk, SIEM and propose industry based good to have use-cases

24/7 On-Call support for critical incidents, investigate, document the finding and create RCA as applicable.

Experience handling high priority Security Incidents

Hunting (anomalous pattern detection and content management)

Prior experience of investigating security events

Should be able to distinguish incidents as opposed to non-incidents

Must have good verbal & written communication skills, understanding of networking concepts, and a good understanding of Windows and Unix basics

Relevant Certifications: CEH, CISSP, Security+, or related certification

Bachelor's Degree in Information Technologies, Cyber Security, or a related field.

Experience with some/all: SIEM, SPLUNK, EDR, Phishing tools, SNOW, Infoblox, palo alto, IOTs, Malware investigation, Critical security incident investigation and etc

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.