Senior Security Analyst

Job Description The Senior Security Analyst II is responsible for supporting the design, configuration, testing, and deployment of on-prem and cloud services. They will provide Incident Response, threat hunting and proactive support of all development activities in both the cloud and on-prem environments. Ensuring anomalous activity is detected and the potential impact of events is understood Ensuring that information systems and assets are monitored to identify cybersecurity events and verify the effectiveness of protective measures Ensuring detection processes and procedures are maintained and tested to ensure awareness of anomalous events Ensuring response activities are coordinated with internal and external stakeholders (e.g., external support from service providers) Ensuring analysis is conducted to ensure effective response and support recovery activities Ensuring activities are performed to prevent expansion of an event, mitigate its effects, and resolve the incident Ensuring response processes and procedures are executed and maintained, to ensure response to detected cybersecurity incidents Ensuring recovery processes and procedures are executed and maintained to ensure restoration of systems or assets affected by cybersecurity incidents Ensuring recovery planning and processes are improved by incorporating lessons learned into future activities Ensuring restoration activities are coordinated with internal and external parties (e.g. coordinating centers, other CSIRTs, and vendors) We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HRinsightglobal.com . To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ . Skills and Requirements GCIH, GCIA, GMON, GCED, or equivalent GIAC defense focused certifications HIGHLYYY PREFERRED Certifications by EC-Council, ISC2, Cisco, Microsoft, Fortinet, CompTIA, Offensive Security, etc. to be considered based on relevance to defensive cybersecurity operations Bachelors Degree in a related field such as cybersecurity, information technology, or computer science; equivalent combination of education and experience may be considered 5 years of experience Extensive experience threat hunting, Digital Forensics Incident Response (DFIR), across on prem and multiple cloud provisions Experience working with threat intelligence and protection platforms like Zerofox, Cyabra, etc. Experience working with EDR platforms like Microsoft Defender, Carbon Black or CrowdStrike, to name a few. Experience working with Managed Detection and Response (MDR) for endpoints, networks (NDR), email security, log analytics, SIEM and SOAR platforms like Darktrace, Red Canary, etc. Experience in IAM/PAM, EPM, SSOi, ERP platforms Some experience working with firewalls, WAFs, IDP/IDS/IPS, DLP, including policy setup for Fortinet, Cisco, etc. Ability to participate as a technical lead on all projects requiring cybersecurity expertise and consultation Ability to lead a Cybersecurity Incident Response Team (CIRT), Computer Security Incident Response Team (CSIRT) and Managed Security Services Partners (MSSPs) in the execution of daily incident response activities Ability to deploy, integrate, configure, and maintain systems which comprise the overall cybersecurity technology stack Ability to communicate complex cybersecurity concepts in a clear and concise manner for laypersons unfamiliar with cybersecurity and/or IT concepts Desire and ability to help drive organizational adoption and buy-in of cybersecurity policies and standards across the PBS ecosystem Expert knowledge in the following technologies and concepts: DFIR, IAM, PAM, DLP, NGFW, EDR, SIEM, IDS/IPS Strong foundational knowledge in IT technologies and concepts not limited to email security technologies, application security, cloud security (IaaS & PaaS, etc.), MITRE ATT&CK, SIEM, SOAR, CASB, MSSPs, DNS, Linux, Windows Fundamental knowledge of NIST, MDM, OWASP, PowerShell/Python/JavaScript, MacOS, malware analysis, LOLBAS, vulnerability management, WAF, CIS Benchmarks null We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HRinsightglobal.com.