Job Description
We are seeking a dedicated Security Operations Center (SOC) Analyst to join our team in
delivering robust detection and response capabilities. As a key member of our 24/7 SOC,
you will be responsible for monitoring our environment, triaging security alerts, and driving
the investigation process. This role is essential to maintaining the security posture of our
organization, requiring a candidate who can effectively operate within a 24/7 environment,
participate in on-call rotations, and contribute to the continuous improvement of our
defensive strategies.
Key Responsibilities
• Security Monitoring & Alert Triage:
o Monitor security alerts across a diverse stack, including Splunk SIEM, endpoint
detection and response (Defender and Trend Micro), cloud security platforms
(Wiz, AWS Security Hub, Amazon GuardDuty), data loss prevention (DLP) tools, and
network telemetry.
o Conduct initial triage and investigation of security events to determine severity
and potential business impact using Splunk and integrated security tools.
o Correlate alerts across multiple data sources to identify attack patterns,
differentiate true positives from false positives, and construct comprehensive
incident timelines.
o Document investigative findings, evidence, and analysis within ticketing
systems, ensuring clear and actionable details for seamless escalation.
o Escalate validated threats and complex incidents with thorough supporting
documentation.
• SOC Operations:
o Collaborate in post-incident reviews to assist with the refinement of detection
logic, updating of playbooks, and enhancement of response procedures.
o Provide feedback on coverage gaps and opportunities for automation based on
daily experience.
o Support metrics collection and reporting to measure operational effectiveness.
• Vulnerability Management:
o Review and validate vulnerability scans from applicable tools
o Track remediation efforts and coordinate with system owners
o Maintain awareness of current threat landscape
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
• Experience: 1-3 years of professional experience in a Security Operations Center (SOC) or in a previous security analyst role involved with detection and response.
• Technical Requirements:
o Working knowledge of Splunk or similar SIEM platforms
o Understanding of common security threats
o Familiarity with cloud environments (AWS/Azure basics)
o Basic understanding of networking concepts and protocols
o Ability to read and interpret security logs
• Soft Skills:
o Strong analytical and problem-solving abilities
o Excellent written and verbal communication skills
o Detail-oriented with strong documentation habits
o Team player with willingness to learn and adapt
Nice to Have Skills & Experience
• Certifications:
o Security+, CySA+, or similar entry-level certifications
o Microsoft Azure Fundamentals or AWS Cloud Practitioner
• Additional Experience:
o Prior experience in an MSSP-type setting or handling alerts for several clients
o Experience with ticketing systems (ServiceNow, Jira, etc.)
o Understanding of compliance frameworks
o Experience with Kusto Query Language (KQL)
o Familiar
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.