"Alerted.org

Job Description

Insight Global is looking for a Sr. EDR Specialist that is able to take on a role that demands a fusion of technical expertise in Elastic SIEM, a solid grasp of cybersecurity fundamentals, and sharp analytical thinking to proactively defend against and respond to digital threats. The ideal candidate will also demonstrate strong communication skills to convey intricate security matters to diverse audiences.

Responsibilities include, but are not limited to:

Network Surveillance & Threat Detection: Conduct security analysis using tools such as IDS/IPS, firewalls, and host-based systems to identify intrusions.

Elastic SIEM Operations: Leverage Elastic SIEM to correlate logs and events, uncover threat indicators, and generate actionable insights.

Threat Intelligence & Research: Monitor emerging vulnerabilities and threat vectors to refine detection capabilities.

Detection Strategy Implementation: Apply both endpoint and log-based detection techniques to identify and neutralize threats.

SIEM Content Engineering: Design and tailor SIEM elements—rules, dashboards, and ML-based alerts—to meet client-specific needs.

Cross-Platform Data Correlation: Integrate data from cloud, network, and endpoint sources to detect unauthorized activities.

Alert Review & Incident Documentation: Analyze alerts from SIEM and other sensors, and produce detailed technical incident reports.

Phishing Threat Analysis: Evaluate suspicious emails to determine risk levels and recommend appropriate countermeasures.

Incident Response Support: Assist in containment and remediation efforts during security breaches.

Collaboration with Threat Teams: Work closely with threat intelligence and hunting teams to stay informed on evolving threat landscapes.

Security Tool Assessment: Participate in evaluating new cybersecurity tools and analytics for integration into managed services.

Breach Investigation: Contribute to investigations of both large-scale and isolated security incidents.

Stakeholder Engagement: Communicate findings and incident details effectively to internal and external stakeholders.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Skills and Requirements

*Minimum 4 years of experience in cybersecurity.

*Elastic SIEM Mastery: Skilled in using Elastic SIEM for threat detection and response; familiarity with Kibana, Logstash, Ingest Pipelines, Enterprise Search, or Observability.

*EDR SME (Elastic, CrowdStrike, Microsoft, etc.)

*Secret Clearance *Certifications such as CISSP, CEH, GCIH, or Elastic Certified Analyst.

*Prior experience in a Security Operations Center (SOC).

*Familiarity with EDR, SIEM, SOAR, and ticketing systems.

*Understanding of threat actor tactics, techniques, and procedures (TTPs).

*Ability to perform ad hoc scripting in any language.

*Possession of entry-level cybersecurity certifications (e.g., A+, Net+, Sec+, GSEC).