Sr. Cybersecurity Operations Engineer

Insight Global
Bloomington, United States of America
11 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Bloomington, United States of America

Tech stack

Proxy Servers
Azure
Big Data
Cloud Computing
Cloud Computing Security
Cloud Engineering
Computer Security
Identity and Access Management
Intrusion Detection and Prevention
Intrusion Detection Systems
Performance Tuning
Kusto Query Language
Security Information and Event Management
Web Applications
Microsoft Power Automate
MITRE ATT&CK
Firewalls (Computer Science)
Cybercrime

Job description

Insight Global is looking for a Sr. Cybersecurity Operations Analyst to join a large HCM company on a 6-month contract-to-hire basis. This role will be remote, based in the US, with core working hours of 9 am to 5 pm EST, and will require on-call support when needed with a 1-hour response time. The successful candidate will act as a lead for high-severity incidents, driving end-to-end triage, root cause analysis, and continuous improvement of detection capabilities. You will design and optimize detection use cases, lead proactive threat hunting initiatives, and enhance automation to improve response efficiency. Prior experience with SIEM, WAF, and EDR tooling is crucial to succeed in this role.

Please Note: We may use artificial intelligence tools to assist with the screening, assessment, or selection of potential applicants for this position.

Requirements

  • 5+ years of experience in a Security Operations Center (SOC), Incident Response, and Azure Cloud Security (L3/Senior/Principal level)

  • Expertise in MS Sentinel/Azure SIEM, including incident investigation, threat hunting, performance optimization, and detection engineering (accuracy and coverage)

  • Advanced KQL experience for large-scale data analysis, threat hunting, and detection development

  • Strong experience with detection engineering, including design, implementation, and tuning of analytics aligned to MITRE ATT&CK

  • Excellent WAF experience to triage web application detections

  • Expertise in managing and utilizing a wide range of security tools, including Next Generation Firewalls, IDS/IPS, EDR, AV, the MS Defender suite, Internet Proxy, and other cloud security tools

  • Strong knowledge of cloud and security technologies, including MS Defender suite, identity security (Entra ID), EDR/XDR, firewalls, and cloud-native controls

  • Experience with automation and orchestration using Sentinel playbooks and Logic Apps to improve response efficiency

  • Excellent communication and stakeholder management skills, with the ability to mentor SOC analysts

  • Relevant certifications such as SC-200, AZ-500, CySA+
