Insight Global is hiring a Hybrid SOC Analyst in support of the IRS. You will be required to go onsite once a week to Lanham, MD, working core shift hours.

Job Title: Senior SOC Analyst

Location: Hybrid - 1x a week onsite in Lanham, MD.

Employment Type: 6-month contract to permanent placement.

Interview Process: 1-2 Virtual Rounds

Onboarding Process: 2-3 Months for MBI Public Trust clearance; if have active MBI, ASAP start.

Pay Rate: $55/hr

Responsibilities:

* Monitor security alerts and logs from various cybersecurity tools and platforms to detect and prioritize potential threats.

* Lead in-depth analysis of security events, including network traffic, endpoint alerts, and system logs, to identify malicious activity.

* Develop and refine incident response protocols and procedures to ensure rapid and effective response to security incidents.

* Coordinate and lead incident response activities, including containment, eradication, and recovery processes.

* Provide expert guidance and mentorship to junior SOC analysts, enhancing team knowledge and effectiveness.

* Collaborate with cybersecurity engineering teams to tune and optimize security tools and technologies.

* Stay abreast of the latest cybersecurity threats, trends, and technologies to continually enhance the SOC's capabilities.

* Conduct proactive threat hunting to identify and mitigate potential security risks before they impact the organization.

* Develop and deliver comprehensive reports on security! incidents, trends, and overall SOC performance to senior management.

* Participate in the development and execution of cybersecurity drills and exercises to prepare for real-world cyber incidents.

Requirements:

* Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree preferred.

Regex experience/knowledge

STRONG Splunk SPL Query and PCAP analysis experience.

* 4 years of experience in related field.

* Strong proficiency with Splunk ES SIEM tool and Splunk SPL query language, endpoint detection and response (EDR) platforms, intrusion detection systems (IDS)/intrusion prevention systems (IPS), and other security technologies.

* Experience with Cloud monitoring in Azure and AWS desired

* Strong analytical skills with the ability to analyze and interpret complex information from multiple sources.

* Experience with incident response and digital forensics tools and methodologies.

* Excellent written and verbal communication skills, with the ability to convey complex security issues to non-technical stakeholders.

Required Skills and Abilities:

* Network Analysis

* IDS

* SIEM