Senior Security Analyst
Insight Global
Job Description
The Senior Security Analyst II is responsible for supporting the design, configuration, testing, and deployment of on-prem and cloud services. They will provide Incident Response, threat hunting and proactive support of all development activities in both the cloud and on-prem environments.
Ensuring anomalous activity is detected and the potential impact of events is understood
Ensuring that information systems and assets are monitored to identify cybersecurity events and verify the effectiveness of protective measures
Ensuring detection processes and procedures are maintained and tested to ensure awareness of anomalous events
Ensuring response activities are coordinated with internal and external stakeholders (e.g., external support from service providers)
Ensuring analysis is conducted to ensure effective response and support recovery activities
Ensuring activities are performed to prevent expansion of an event, mitigate its effects, and resolve the incident
Ensuring response processes and procedures are executed and maintained, to ensure response to detected cybersecurity incidents
Ensuring recovery processes and procedures are executed and maintained to ensure restoration of systems or assets affected by cybersecurity incidents
Ensuring recovery planning and processes are improved by incorporating lessons learned into future activities
Ensuring restoration activities are coordinated with internal and external parties (e.g. coordinating centers, other CSIRTs, and vendors)
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/
Skills and Requirements
GCIH, GCIA, GMON, GCED, or equivalent GIAC defense-focused certifications HIGHLY PREFERRED
Certifications by EC-Council, ISC2, Cisco, Microsoft, Fortinet, CompTIA, Offensive Security, etc. to be considered based on relevance to defensive cybersecurity operations
Bachelor's degree in a related field such as cybersecurity, information technology, or computer science; equivalent combination of education and experience may be considered
5 years of experience
Extensive experience in threat hunting and Digital Forensics and Incident Response (DFIR) across on-prem and multiple cloud provisions
Experience working with threat intelligence and protection platforms like Zerofox, Cyabra, etc.
Experience working with EDR platforms like Microsoft Defender, Carbon Black or CrowdStrike, to name a few.
Experience working with Managed Detection and Response (MDR) for endpoints, networks (NDR), email security, log analytics, SIEM and SOAR platforms like Darktrace, Red Canary, etc.
Experience in IAM/PAM, EPM, SSOi, ERP platforms
Some experience working with firewalls, WAFs, IDP/IDS/IPS, DLP, including policy setup for Fortinet, Cisco, etc.
Ability to participate as a technical lead on all projects requiring cybersecurity expertise and consultation
Ability to lead a Cybersecurity Incident Response Team (CIRT), Computer Security Incident Response Team (CSIRT) and Managed Security Services Partners (MSSPs) in the execution of daily incident response activities
Ability to deploy, integrate, configure, and maintain systems which comprise the overall cybersecurity technology stack
Ability to communicate complex cybersecurity concepts in a clear and concise manner for laypersons unfamiliar with cybersecurity and/or IT concepts
Desire and ability to help drive organizational adoption and buy-in of cybersecurity policies and standards across the PBS ecosystem
Expert knowledge in the following technologies and concepts: DFIR, IAM, PAM, DLP, NGFW, EDR, SIEM, IDS/IPS
Strong foundational knowledge in IT technologies and concepts not limited to email security technologies, application security, cloud security (IaaS & PaaS, etc.), MITRE ATT&CK, SIEM, SOAR, CASB, MSSPs, DNS, Linux, Windows
Fundamental knowledge of NIST, MDM, OWASP, PowerShell/Python/JavaScript, macOS, malware analysis, LOLBAS, vulnerability management, WAF, CIS Benchmarks