Job Description

　　Insight Global is looking for a Level 3 SOC Analyst to support a 24/7 Global SOC Team that operates in three shifts (6 am - 2pm, 2pm - 10pm, 10pm - 6 am). The selected resource will be responsible for leading complex investigations, detection, triage, analysis and response to cyber-attacks and serving as the Cyber SME/ onsite task lead. Training and mentoring to Level 1 & Level 2 peers is also expected of this resource. The selected resource should also perform Security Operations maturity assessments, formulate roadmaps to bridge existing security gaps and help accelerate transformation towards SOC maturity.

　　Skills and Requirements

　　* 8+ years of security analyst experience, preferably in a managed services environment.

　　Must hold a Government issued Secret Clearance (Level II)

　　* A minimum of 5 years "hands-on" experience on SOC operations (Standard Operations Procedures, Runbook and Playbooks).

　　* Experience threat hunting, proactively and iteratively searching to detect advanced threats that evade existing security solutions.

　　* Expertise in network, host, and cloud-based security, attack techniques, analysis, and investigation

　　* Strong experience with Operating systems (Windows, Linux and MacOS) & IT Architecture

　　* Deep understanding of a variety of logs coming from cloud, network or endpoint devices.

　　* Expert level understanding of advanced attacks and defense techniques.

　　* Experience in Cloud Security monitoring and in advanced analytics (UEBA)

　　* Experience with leading security incident response

　　* Experience with triaging various disparate anomalies to detect meaningful threat scenarios.

　　* Sound experience on programming languages: Python and/or R. and/or PowerShell

　　* Experience in REST API interfaces to support data collection or integration.

　　* Experience with Data monitoring / Data Science

　　* Strong Understanding of the current cyber threat landscape, the different tactics commonly used by adversaries and how you would investigate, contain and recover against their attacks.

　　* Deep knowledge in the most common and used frameworks (E.g., NIST CSF, ISO2700x, CMM SOC, etc.) * A minimum of 5 years hands on experience with one or more of the following areas:

　　o Operation and Implementation of SIEM solutions including:

　　 QRadar or Splunk and Microsoft Sentinel.

　　o Operation and Implementation of Security Automation solutions including:

　　 Thorough knowledge of SOAR (Security Orchestration Automation & Response) technologies.

　　o Desing and Implementation of Monitoring strategy including:

　　 Thorough knowledge on defining data sources monitoring based on clients' business

　　 Thorough knowledge on MITRE Frameworks (ATT&CK, D3FEND)

　　 Familiar with Cyber Kill Chain

　　o Desing and Implementation of Configuration Governance solutions including:

　　 Thorough knowledge on how to operationalize ongoing security configuration governance service using SOC standard methodologies, metrics, KPIs, KRIs, Operational Procedures.

　　o Cyber Network Operations/Penetration Test Methodologies and tools like Metasploit, Kali Linux, Cobalt Strike etc., null

　　We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected].