Job Description
This role is responsible for supporting advanced security operations by responding to and remediating high-severity incidents, conducting in-depth threat analysis, and leading threat hunting and intelligence efforts. The analyst will perform complex technical investigations, including network traffic analysis, malware and forensic reviews, and log correlation, while providing actionable insights to strengthen overall security posture. Responsibilities also include reviewing and tuning security events, developing detection procedures and runbooks, and aligning strategies with frameworks such as MITRE ATT&CK and NIST. Additionally, the role involves mentoring junior analysts, handling escalations from L1 teams, and contributing to detailed technical reporting and continuous improvement of security monitoring operations.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Skills and Requirements
Requires 5+ Years of experince. At least 3-4 years SOC.
Experience with Microsoft Sentinel or Crowdstrike EDR/XDR toolsets
Understanding of SIEM, Endpoint Security solutions, Linux and Windows operating systems, Honeypots, Sinkholes and Malware Sandbox Technologies
Incident Response & Threat Hunting Understanding
Understanding of threat intelligence and threat modeling concepts
Advanced knowledge of cybersecurity components, principles, practices, and procedures
Understanding of computer network exploitation (CNE) and computer network defense (CND) concepts
Ability to research about targeted threat groups and their tactics, techniques and procedures (TTP)
Understanding of vulnerability and exploit analysis
Experience in conducting network traffic analysis and the detection of malicious code on endpoint systems
In-depth understanding about Windows and Linux System internals (process tree, event IDs, registry, scheduled tasks, etc)
Ability to clearly communicate technical observations to a variety of audiences, and strong written and verbal presentation skills
Flexible to support team during Public Holidays either in shift or On Call support
Experience with creating rules for noise reduction (suppression, whitelisting, custom rules) - Multiple security certifications from the following:
SANS GCIA, GCIH
CCNA, CCIE, NGFW Specialization
GREM, GCFE, OSCP (Threat Hunting specialist)
Secureworks
