• Tier 1 SOC Analyst

    Insight Global (Santa Ana, CA)


    Job Description

    Participate in daily turnover meetings with day shift

     

    Monitor and respond to ~90 active SIEM alerts

     

    Escalate incidents to clients as needed

     

    Collaborate with shift leads to collect logs and build incident reports

     

    Conduct threat analysis and hypothesis development

     

    Submit findings to senior shift leads and SIEM engineering team

     

    Perform additional duties (~10% of time) including metrics reporting and cyber threat intelligence

     

    Common threats include phishing, endpoint, and firewall-based incidents

     

    We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

     

    Skills and Requirements

     

    Bachelor’s degree in Cybersecurity or related technical field

     

    0–2+ years of relevant industry experience preferred

     

    Foundational cybersecurity analyst skills

     

    Strong interpersonal and multitasking abilities

    Experience with:

    Microsoft Sentinel

     

    SIEM tools

     

    Process development and automation (PowerShell, Python, Power Automate, Power BI)

     

    Deployment and scripting

     

    Firewall, web proxy, email gateway/firewall, EDR

     

    ServiceNow

     

    Shift Details

     

    Week 1: Day Shift (8 AM – 5 PM) for training ("Boot Camp")

     

    Week 2 and onward: Midnight Shift (12 AM – 9 AM), including weekends (specific weekend days TBD)

     

    Note: This is a 24/7/365 operations center; holiday coverage is expected