Job Description
Insight Global is seeking a Shift Lead (Master Level Cyber Defense Analyst / Intrusion Detection Team) for a top cybersecurity and federal services client. This candidate will lead a team within a 24/7 Security Operations Center, overseeing real-time threat detection, analysis, and response. They will combine deep technical expertise with leadership capabilities to guide analysts, assess cyber threats, and deliver actionable intelligence to stakeholders. The ideal candidate thrives in a fast-paced, high-stakes environment and brings strong experience with SIEM tools, intrusion detection technologies, and advanced cyber threat analysis. This will be for the 1st shift from 7:00 AM - 3:30 PM.
- Lead and mentor a team of intrusion analysts on overnight SOC shift
- Monitor, detect, and respond to cyber threats in real time
- Correlate threat intelligence with network/system activity
- Analyze intrusion signatures and attacker TTPs
- Produce actionable intelligence reports for incident response teams
- Conduct deep-dive investigations using logs, SIEM, and packet data
- Provide security posture assessments and recommendations
-Deliver briefings and reports to leadership on threat landscape
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
- Bachelor’s degree + 8 years of intrusion detection experience
- 7+ years of hands-on intrusion detection across security technologies (IDS/IPS, HIPS, WAN monitoring)
- 5+ years performing senior-level log analysis (SIEM, Splunk, server logs, network traffic)
- 2+ years of leadership experience as a SOC or cybersecurity shift lead
- Strong experience with Splunk SIEM (including advanced query creation)
- Experience analyzing:
· Firewall ACLs
· Snort-based IDS events
· PCAPs and packet analysis
· Web server logs and raw log data
- One of the following certifications (minimum):
· GIAC Certified Intrusion Analyst (GCIA),
· EC-Council's Certified Security Analyst (ECSA),
· GIAC Certified Perimeter Protection Analyst (GPPA),
· GIAC Certified Enterprise Defender (GCED),
· Systems Security Certified Practitioner (SSCP),
· Certified Information Systems Security Professional (CISSP).
Splunk Fundamentals I & II certification
Nice to Have Skills & Experience
- Deep threat intelligence background (TTP analysis, threat actor tracking)
- Experience briefing executive leadership
- Advanced scripting or automation skills (e.g., Python, advanced GREP)
- Experience in high-security federal or government SOC environments
- Familiarity with 24x7x365 enterprise SOC operations
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.