Performs strategic assessments to understand the current capabilities and future security needs of the enterprise. Recognizes and evaluates business security risks while defining appropriate risk-mitigating controls and technologies.
Takes a primary role in investigating and responding to complex security incidents identified through threat-hunting activities, including containment, eradication, and recovery efforts. Presents incident details and findings to senior management.
Based on insights from threat hunting, recommends and drives the implementation of new or enhanced security controls and technologies to mitigate identified vulnerabilities and improve the organization's defense capabilities.
Provides technical leadership, guidance, and mentorship to junior threat hunters, fostering their professional development and enhancing the team's overall capabilities.
Defines the scope, objectives, and methodologies for threat-hunting engagements based on threat intelligence, business risk, and asset criticality. Oversees the planning, execution, and reporting of threat-hunting activities to ensure the efficient and effective identification of potential threats.
Identifies new and alternative approaches for implementing and managing security activities. Provides security consultation and implements appropriate controls to minimize the risk of potential revenue loss, missed business opportunities, or competitive disadvantages resulting from malicious attacks, accidental data corruption, or unauthorized access to sensitive company or customer information assets.
Maintains relationships with and consults industry-leading Information Security Associations, companies, and forums to stay updated on the latest technology and process advancements through education. Manages security trends and evaluates their effects on the CLS architecture and the security protection landscape.
Provides tier-three subject matter expert (SME) escalation support to the Service Desk for information security issues. This includes maintaining historical information, making adjustments, compiling statistics to enhance performance, and developing performance metrics.
Ensures that projects are selected based on key criteria and is diligent in selecting the most valuable projects within resource and budget constraints. Has the capability to request funding for larger projects, document the program, and present improvements to senior management for approval.
Prepares clear and concise reports and presentations for both technical and non-technical audiences, including senior management, that summarize threat-hunting activities, findings, and actionable recommendations.
Offers strategic input for the development and maintenance of the organization's security roadmap, informed by insights gained from threat-hunting activities and the evolving threat landscape.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to the Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/
6-8+ years of cybersecurity experience with recent expertise in threat hunting or pen testing
Extensive hands-on threat hunting/forensics experience
Knowledge of operating systems (Windows, Unix, macOS), endpoint detection and response (EDR) solutions, antivirus software, and how threats manifest on endpoints is essential.
Proficiency in using SIEM tools (e.g., Splunk, Sumologic, SentinelOne) to aggregate, correlate, and analyze security logs and events from various sources
Strong scripting knowledge (Python, Bash, Ruby, etc.)
Strong understanding of cloud security concepts (Azure or GCP is preferred)
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.