Job Description
A client of Insight Global is looking for a Detection Engineer to play a critical role in protecting their cloud-based systems and security operations. This position works at the intersection of cybersecurity, cloud infrastructure, and threat detection, focusing on monitoring logs, tuning alerts, and managing data streams across platforms like Google SecOps, AWS, and Cribl.
The ideal candidate combines hands-on experience with SIEM and SOAR tools, strong scripting skills (like Python, PowerShell, and SQL), and a deep understanding of cloud environments. They partner across IT, security, and operations teams to build secure, efficient, and compliant systems that defend against evolving threats.
This candidate will be responsible for:
• Monitors and works with logs in Google SecOps and Google Cloud Observability.
• Works closely with system owners to manage alert and security use case creation as well as operational alerting in the Cloud Observability projects.
• Collaborates on IT projects to ensure that security issues are addressed throughout the organization.
• Tunes alerts and use cases over the Use Case Management Life Cycle.
• Tunes alerts and alerting in GCP Projects utilizing BigQuery, Log Analytics or Log Explorer tools.
• Experience in data stream management tools like Cribl to control data streams from end to end.
• Infrastructure engineering experience in AWS and other cloud platforms.
• Participates in department-wide change control and IT governance processes, on behalf of the Nelnet Cyber Security Group (CSG).
• Stays up to date on the latest global vulnerability landscape and published compliance guidelines.
• Responds to audit findings, directing remediation, tracking progress, providing status reporting, and creating/maintaining evidence documentation.
• Develops and maintains documentation for security related systems.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
• 5 years of IT experience in general
• 2+ years IT operations experience working with SIEM products and threat detection.
• 2+ years IT infrastructure experience preferably in a cloud environment.
• Threat detection and Alarming/Alerting mechanisms.
• Hands-on experience with SIEM, SOAR, and Database Monitoring products.
• Experience with YARA, YARA-L, Python, PowerShell, SQL, Bash, Chef or Ansible a plus.
• Some SQL experience is a must.
• Ability to obtain a 6C clearance.
EDUCATION:
Bachelor’s degree in cybersecurity, computer science, systems administration, information systems, or related areas, or relevant work experience.
Nice to Have Skills & Experience
• 2-4 years of SOC analyst experience
• SIEM: Google SecOps experience preferred.
• SOAR: Google SecOps experience preferred.
• ELF
• MSSP experience
• Splunk or Splunk certifications
• BQ SQL and Google Observability experience preferred
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.