Sr. Cybersecurity Operations Analyst

Insight Global is looking for a Sr. Cybersecurity Operations Analyst to join a large HCM company on a 6 month contract-to-hire basis. This role will be remote based in the US with core working hours of 9-5pm EST and will require on-call support when needed with a 1-hour response time. The successful candidate will act as a lead for high-severity incidents, driving end-to-end triage, root cause analysis, and continuous improvement of detection capabilities. You will design and optimize detection use cases, lead proactive threat hunting initiatives, and enhance automation to improve response efficiency. Prior experience with SIEM, WAF, and EDRs are crucial to succeed in this role.

Please Note: We may use artificial intelligence tools to assist with the screening, assessment, or selection of potential applicants for this position.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

- 5+ years of experience in a Security Operations Center (SOC), Incident Response, Azure Cloud Security (L3/Senior/Principal level)
- Expertise in MS Sentinel/Azure SIEM, including incident investigation, threat hunting, performance optimization, and detection engineering/accuracy and coverage
- Advanced KQL experience for large-scale data analysis, threat hunting, and detection development
- Strong experience with detection engineering including: design, implementation, and tuning analytics aligning to MITRE ATT&CK
- Excellent WAF experience to triage web application detections
- Expertise in managing and utilizing a wide range of security tools, including Next Generation Firewall, IDS/IPS, EDR, AV, MS Defender Suite, Internet Proxy, other Cloud Security Tools, etc.
- Strong knowledge of cloud and security technologies, including MS Defender suite, identity security (Entra ID), EDR/XDR, firewalls, and cloud-native controls
- Experience with automation and orchestration for Sentinel playbooks and Logic Apps to enhance efficiency in responses
- Excellent communication and stakeholder management skills, with the ability to mentor SOC analysts

- Relevant certifications such as SC-200, AZ-500, CySA+

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.