About the Role:
On of our top Food and Beverage Clients is seeking a skilled and proactive Lead Security Operations Analyst to guide day-to-day triage and incident response efforts. This role is ideal for someone with hands-on experience in security operations who is ready to take on a leadership role in process ownership and technical execution. Youll serve as a key escalation point and help drive improvements in our detection and response capabilities.
Day-to-Day Responsibilities:
Manage and prioritize a high-volume triage queue (50100 items/day)
Investigate phishing attempts and other suspicious activity
Lead incident response processes, including:
Scheduling and running tabletop exercises
Coordinating cross-functional response efforts
Conducting root cause analysis and remediation
Oversee vulnerability management efforts and ensure timely resolution
Monitor the perimeter to ensure endpoint and network security
Ensure endpoint agents (e.g., Cylance, SentinelOne) are active and functioning
Investigate anomalies and resolve variabilities in system behavior
Act as the primary liaison with outsourced triage providers
Maintain documentation and contribute to continuous improvement initiatives
Tool Usage Breakdown:
6070%: Triage queue management, monitoring, and incident response
2030%: Collaboration with IAM and security architecture teams on escalated issues
1015%: Planning and executing security exercises, documentation, and reporting
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
5+ years of experience in security operations, incident response, or SOC environments
Strong understanding of the incident response lifecycle and triage best practices
Certifications such as CISSP, CSOM (Certified Security Operations Manager)
Experience with:
- Cortex XSOAR Experience automating incident response workflows and integrating security tools.
- Tenable Proficient in identifying, assessing, and prioritizing vulnerabilities across enterprise assets.
- Taegis XDR Skilled in detecting and investigating threats across endpoints and networks.
- Cisco Umbrella Knowledge of DNS-layer security and blocking malicious web traffic.
Agari Familiarity with email threat protection and phishing detection techniques.
Cylance AI-driven endpoint protection
SentinelOne AI-powered endpoint protection, detection, and response
Ability to analyze logs, correlate events, and identify anomalies
Excellent communication skills and the ability to work cross-functionally
Experience working with or managing MSSPs or outsourced triage teams
Familiarity with compliance frameworks (e.g., PCI, SOX, HIPAA)
Strong documentation and reporting skills
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.