Job Information
Insight Global Sr. Cybersecurity Operations Analyst in Bloomington, Minnesota
Job Description
Insight Global is looking for a Sr. Cybersecurity Operations Analyst to join a large HCM company on a 6-month contract-to-hire basis. This role will be remote, based in the US, with core working hours of 9-5 pm EST, and will require on-call support when needed with a 1-hour response time. The successful candidate will act as a lead for high-severity incidents, driving end-to-end triage, root cause analysis, and continuous improvement of detection capabilities. You will design and optimize detection use cases, lead proactive threat hunting initiatives, and enhance automation to improve response efficiency. Prior experience with SIEM, WAF, and EDR tools is crucial to succeed in this role.
Please Note: We may use artificial intelligence tools to assist with the screening, assessment, or selection of potential applicants for this position.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Skills and Requirements
5+ years of experience in a Security Operations Center (SOC), Incident Response, Azure Cloud Security (L3/Senior/Principal level)
Expertise in MS Sentinel/Azure SIEM, including incident investigation, threat hunting, performance optimization, and detection engineering (accuracy and coverage)
Advanced KQL experience for large-scale data analysis, threat hunting, and detection development
Strong experience with detection engineering including: design, implementation, and tuning analytics aligning to MITRE ATT&CK
Excellent WAF experience to triage web application detections
Expertise in managing and utilizing a wide range of security tools, including Next Generation Firewall, IDS/IPS, EDR, AV, MS Defender Suite, Internet Proxy, other Cloud Security Tools, etc.
Strong knowledge of cloud and security technologies, including MS Defender suite, identity security (Entra ID), EDR/XDR, firewalls, and cloud-native controls
Experience with automation and orchestration for Sentinel playbooks and Logic Apps to enhance efficiency in responses
Excellent communication and stakeholder management skills, with the ability to mentor SOC analysts
Relevant certifications such as SC-200, AZ-500, CySA+