Job Description

Cyber Security Specialist We are seeking a highly motivated and experienced Cyber Security Specialist to support swing and night shift operations within our 100% remote 24/7/365 Security Operations Center (SOC). You will monitor, analyze, investigate, and respond to threats across hybrid cloud and on-prem environments. This role is ideal for analysts with a strong investigative mindset, technical depth, and a passion for continuous learning. Job Responsibilities: Perform advanced EDR analysis, including alert triage, threat detection, behavioral rule tuning, IOC investigation, and endpoint telemetry enrichment. Support EDR platform administration by managing agent health and deployment, maintaining integration with SIEM and other telemetry pipelines, coordinating policy updates, and partnering with SysAdmins to troubleshoot endpoint and infrastructure-level issues affecting EDR visibility. Conduct digital forensics during incident response by acquiring, preserving, and analyzing endpoint artifacts (e.g., memory, disk, registry, logs); assist with root cause analysis and ensure forensic evidence in accordance with legal and procedural requirements. Provide engineering-focused support on SOC architecture improvements to increase visibility, data fidelity, and detection capabilities across hybrid environments. Perform threat detection, log analysis, and anomaly identification across on-premises and cloud workloads (AWS preferred). Conduct initial incident response and assist with investigations into malware, phishing, lateral movement, privilege misuse, and data exfiltration. Apply threat intelligence to enrich alerts and uncover TTPs using the MITRE ATT&CK framework. Document investigative steps and evidence in the case management system and escalate incidents per SOPs. Participate in threat hunting missions based on hypotheses, intel feeds, and environmental knowledge. Collaborate with engineering, system administrators, and cyber stakeholders to contain and remediate threats. Support compliance efforts by ensuring audit trails, access logs, and investigative artifacts are collected and preserved. Stay current with emerging threats, vulnerabilities, and TTPs targeting cloud and hybrid infrastructures. Maintain situational awareness through active monitoring of CTI sources, advisories, and vulnerability disclosures. Provide summary reports and handoff briefings at the end of each shift. We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. Skills and Requirements: Splunk AWS cloud Forensic skillsets Threat hunting Incident response Types of alerts ServiceNow/ITSM Education/Experience: Degree educated or equivalent, preferably in a computer science related subject Security+, CySA+, CASP+, GCIH, GCIA, GCFA, GNFA, GDAT, CSA, CEH, or (ISC) SSCP/CISSP 3-5 years experience If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. Virginia Staffing

Job Tags

Similar Jobs