Job Description
This role is responsible for supporting advanced security operations by responding to and remediating high-severity incidents, conducting in-depth threat analysis, and leading threat hunting and intelligence efforts. The analyst will perform complex technical investigations, including network traffic analysis, malware and forensic reviews, and log correlation, while providing actionable insights to strengthen overall security posture. Responsibilities also include reviewing and tuning security events, developing detection procedures and runbooks, and aligning strategies with frameworks such as MITRE ATT&CK and NIST. Additionally, the role involves mentoring junior analysts, handling escalations from L1 teams, and contributing to detailed technical reporting and continuous improvement of security monitoring operations.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
• Requires 5+ Years of experince. At least 3-4 years SOC.
• Experience with Microsoft Sentinel or Crowdstrike EDR/XDR toolsets
• Understanding of SIEM, Endpoint Security solutions, Linux and Windows operating systems, Honeypots, Sinkholes and Malware Sandbox Technologies
• Incident Response & Threat Hunting Understanding
• Understanding of threat intelligence and threat modeling concepts
• Advanced knowledge of cybersecurity components, principles, practices, and procedures
• Understanding of computer network exploitation (CNE) and computer network defense (CND) concepts
• Ability to research about targeted threat groups and their tactics, techniques and procedures (TTP)
• Understanding of vulnerability and exploit analysis
• Experience in conducting network traffic analysis and the detection of malicious code on endpoint systems
• In-depth understanding about Windows and Linux System internals (process tree, event IDs, registry, scheduled tasks, etc)
• Ability to clearly communicate technical observations to a variety of audiences, and strong written and verbal presentation skills
• Flexible to support team during Public Holidays either in shift or On Call support
• Experience with creating rules for noise reduction (suppression, whitelisting, custom rules)
Nice to Have Skills & Experience
• Multiple security certifications from the following:
SANS GCIA, GCIH
CCNA, CCIE, NGFW Specialization
GREM, GCFE, OSCP (Threat Hunting specialist)
• Secureworks
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.