Sr. Cybersecurity Operations Analyst
Minnesota Jobs, Minneapolis, MN, United States
Sr. Cybersecurity Operations Analyst
Insight Global is looking for a Sr. Cybersecurity Operations Analyst to join a large HCM company on a 6 month contract-to-hire basis. This role will be remote based in the US with core working hours of 9-5pm EST and will require on-call support when needed with a 1-hour response time. The successful candidate will act as a lead for high-severity incidents, driving end-to-end triage, root cause analysis, and continuous improvement of detection capabilities. You will design and optimize detection use cases, lead proactive threat hunting initiatives, and enhance automation to improve response efficiency. Prior experience with SIEM, WAF, and EDRs are crucial to succeed in this role. Skills and Requirements 5+ years of experience in a Security Operations Center (SOC), Incident Response, Azure Cloud Security (L3/Senior/Principal level) Expertise in MS Sentinel/Azure SIEM, including incident investigation, threat hunting, performance optimization, and detection engineering/accuracy and coverage Advanced KQL experience for large-scale data analysis, threat hunting, and detection development Strong experience with detection engineering including: design, implementation, and tuning analytics aligning to MITRE ATT&CK Excellent WAF experience to triage web application detections Expertise in managing and utilizing a wide range of security tools, including Next Generation Firewall, IDS/IPS, EDR, AV, MS Defender Suite, Internet Proxy, other Cloud Security Tools, etc. Strong knowledge of cloud and security technologies, including MS Defender suite, identity security (Entra ID), EDR/XDR, firewalls, and cloud-native controls Experience with automation and orchestration for Sentinel playbooks and Logic Apps to enhance efficiency in responses Excellent communication and stakeholder management skills, with the ability to mentor SOC analysts - Relevant certifications such as SC-200, AZ-500, CySA+
Insight Global is looking for a Sr. Cybersecurity Operations Analyst to join a large HCM company on a 6 month contract-to-hire basis. This role will be remote based in the US with core working hours of 9-5pm EST and will require on-call support when needed with a 1-hour response time. The successful candidate will act as a lead for high-severity incidents, driving end-to-end triage, root cause analysis, and continuous improvement of detection capabilities. You will design and optimize detection use cases, lead proactive threat hunting initiatives, and enhance automation to improve response efficiency. Prior experience with SIEM, WAF, and EDRs are crucial to succeed in this role. Skills and Requirements 5+ years of experience in a Security Operations Center (SOC), Incident Response, Azure Cloud Security (L3/Senior/Principal level) Expertise in MS Sentinel/Azure SIEM, including incident investigation, threat hunting, performance optimization, and detection engineering/accuracy and coverage Advanced KQL experience for large-scale data analysis, threat hunting, and detection development Strong experience with detection engineering including: design, implementation, and tuning analytics aligning to MITRE ATT&CK Excellent WAF experience to triage web application detections Expertise in managing and utilizing a wide range of security tools, including Next Generation Firewall, IDS/IPS, EDR, AV, MS Defender Suite, Internet Proxy, other Cloud Security Tools, etc. Strong knowledge of cloud and security technologies, including MS Defender suite, identity security (Entra ID), EDR/XDR, firewalls, and cloud-native controls Experience with automation and orchestration for Sentinel playbooks and Logic Apps to enhance efficiency in responses Excellent communication and stakeholder management skills, with the ability to mentor SOC analysts - Relevant certifications such as SC-200, AZ-500, CySA+