Job Description

　　Insight Global is looking for a Level 1 SOC Analyst to support a 24/7 Global SOC Team that operates in three shifts (6 am - 2pm, 2pm - 10pm, 10pm - 6 am). The selected resource will be responsible for conducting preliminary incident triage according to the Security Incident Management Triage Matrix and prioritize / escalate as appropriate. The selected resource will be providing support for security incidents coordination with SOAR platform and providing recommendations for next steps.

　　Skills and Requirements

　　* 0-2 years of security analyst experience, preferably in a managed services environment.

　　Must hold a Government issued Secret Clearance (Level II)

　　* Basic experience with operation of commonly used information security solutions (with focus on Splunk, QRadar, Crowdstrike, Sentinel, TrendMicro)

　　* Base technology knowledge of Windows, Active Directory, Linux, SIEM Solutions, Antivirus software, Proxy

　　* Strong knowledge of current security threats, techniques, and landscape, and a dedicated and self-driven desire to research and learn more about the information security landscape.

　　* Review and triage experience with endpoint detection and response tools

　　* Experience and knowledge related to the configuration and maintenance of security monitoring and reporting platforms.

　　* Strong analytical skills, decision making, being able to work under time pressure, cooperating with other people and using the escalation processes when necessary. * A minimum of 5 years hands on experience with one or more of the following areas:

　　o Operation and Implementation of SIEM solutions including:

　　 QRadar or Splunk and Microsoft Sentinel.

　　o Operation and Implementation of Security Automation solutions including:

　　 Thorough knowledge of SOAR (Security Orchestration Automation & Response) technologies.

　　o Desing and Implementation of Monitoring strategy including:

　　 Thorough knowledge on defining data sources monitoring based on clients' business

　　 Thorough knowledge on MITRE Frameworks (ATT&CK, D3FEND)

　　 Familiar with Cyber Kill Chain

　　o Desing and Implementation of Configuration Governance solutions including:

　　 Thorough knowledge on how to operationalize ongoing security configuration governance service using SOC standard methodologies, metrics, KPIs, KRIs, Operational Procedures.

　　o Cyber Network Operations/Penetration Test Methodologies and tools like Metasploit, Kali Linux, Cobalt Strike etc., null

　　We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to [email protected].