Incident Resonse/SOC Analyst- Top Secret

• Security Monitoring & Alert Management: Continuously monitor system health and security alerts to detect potential threats in real time.
• Incident Response & Forensic Analysis: Conduct forensic analysis of digital evidence to identify intrusion patterns, malicious actors, and attack vectors.
• Threat Intelligence & Correlation: Correlate data from multiple sources (logs, threat feeds, network traffic) to identify emerging threats and attack trends.
• Risk Assessment & Mitigation: Identify security risks, vulnerabilities, and exposures; recommend remediation strategies to prevent future incidents.
• Interpret, analyze, and report all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
• Reporting & Compliance: Generate detailed incident reports and briefings for stakeholders, including executive summaries and technical deep dives.
• Collaborate with federal agencies (CYBERCOM, NSA, FBI, DOJ, DHS) to review cybersecurity intelligence and align with national security protocols.
• Process Improvement Continuously refine SOC workflows, playbooks, and detection logic to adapt to evolving threats.
• Responsible for performing correlation activities and trend analysis to discover attack patterns and assess the risks and potential exposure of assets and develop and enhance correlation rules, logic, and analysis techniques for associating data.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Required Skills & Experience
- Possess 3-6 years of SOC experience
- Proficiency with SIEM platforms (e.g., Splunk) and endpoint detection tools (e.g., CrowdStrike, Sentinel One, Microsoft Defender).
- Strong understanding of network protocols, packet analysis, and tools like Wireshark or Zeek.
- Experience with IDS/IPS/NDR/EDR tools (e.g., Snort, Suricata, Bricata).
- Ability to analyze logs, correlate data, and detect adversary tactics, techniques, and procedures (TTPs).
- Familiarity with threat intelligence frameworks such as MITRE ATT&CK, Cyber Kill Chain, and IOC analysis.
Basic scripting or automation skills (e.g., Python, PowerShell, Bash) to enhance workflows.
- Security Plus CE or equivalent
- Comfortable fitting into a 6-2, 2-10,10-6 shift
- Possess a Top Secret Clearance

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.