Tier 1 SOC Analyst

Insight Global
Morrisville, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Junior

Job location

Morrisville, United States of America

Tech stack

Amazon Web Services (AWS)
JIRA
Azure
Cloud Computing Security
Computer Security
Computer Networks
Information Leak Prevention
Issue Tracking Systems
Trend Micro
Kusto Query Language
Security Information and Event Management
Software Vulnerability Management
Typesetting
Cloud Platform System
Splunk
ServiceNow

Job description

We are seeking a dedicated Security Operations Center (SOC) Analyst to join our team in delivering robust detection and response capabilities. As a key member of our 24/7 SOC, you will be responsible for monitoring our environment, triaging security alerts, and driving the investigation process. This role is essential to maintaining the security posture of our organization, requiring a candidate who can effectively operate within a 24/7 environment, participate in on-call rotations, and contribute to the continuous improvement of our defensive strategies.

Key Responsibilities

  • Security Monitoring & Alert Triage:

o Monitor security alerts across a diverse stack, including Splunk SIEM, endpoint detection and response (Defender and Trend Micro), cloud security platforms (Wiz, AWS Security Hub, GuardDuty), data loss prevention (DLP) tools, and network telemetry.

o Conduct initial triage and investigation of security events to determine severity and potential business impact using Splunk and integrated security tools.

o Correlate alerts across multiple data sources to identify attack patterns, differentiate true positives from false positives, and construct comprehensive incident timelines.

o Document investigative findings, evidence, and analysis within ticketing systems, ensuring clear and actionable details for seamless escalation.

o Escalate validated threats and complex incidents with thorough supporting documentation.

  • SOC Operations:

o Collaborate in post-incident reviews to assist with the refinement of detection logic, updating of playbooks, and enhancement of response procedures.

o Provide feedback on coverage gaps and opportunities for automation based on daily experience.

o Support metrics collection and reporting to measure operational effectiveness.

  • Vulnerability Management:

o Review and validate vulnerability scans from applicable tools.

o Track remediation efforts and coordinate with system owners.

o Maintain awareness of the current threat landscape.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Requirements

  • Experience: 1-3 years of professional experience in a Security Operations Center (SOC) or in a previous security analyst role involved with detection and response.

  • Technical Requirements:

o Working knowledge of Splunk or similar SIEM platforms

o Understanding of common security threats

o Familiarity with cloud environments (AWS/Azure basics)

o Basic understanding of networking concepts and protocols

o Ability to read and interpret security logs

  • Soft Skills:

o Strong analytical and problem-solving abilities

o Excellent written and verbal communication skills

o Detail-oriented with strong documentation habits

o Team player with willingness to learn and adapt

  • Certifications:

o Security+, CySA+, or similar entry-level certifications

o Microsoft Azure Fundamentals or AWS Cloud Practitioner

  • Additional Experience:

o Prior experience in an MSSP-type setting or handling alerts for several clients

o Experience with ticketing systems (ServiceNow, Jira, etc.)

o Understanding of compliance frameworks

o Experience with Kusto Query Language (KQL)
