Insight Global

Senior Incident Response Engineer

Insight Global, Brentwood, Tennessee, United States, 37027

Job Description

o 5+ years of hands-on incident response experience

o Deep expertise in Microsoft Purview (especially DLP, classification taxonomy, restricted policies)

o Strong experience with QRadar and Azure SIEM (including tuning and threat analysis)

o Proficiency in KQL (Kusto Query Language)

o Ability to write and implement technical policies and controls

o Experience working with MSSPs (especially ReliaQuest)

o Experience building or managing SOCs

o Ability to develop and manage KPIs and SLAs for security monitoring

o Strong communication skills with executive stakeholders

o Familiarity with incident response metrics (e.g., incidents/day, resolution time, SLA adherence)

o Experience leading and/or mentoring a team

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Skills and Requirements

o This role will lead hands-on incident response activities, including SIEM alert tuning, threat detection, and escalation management in collaboration with the current MSSP (ReliaQuest). The candidate will work extensively with Microsoft Purview (especially DLP), QRadar, and Azure SIEM, writing technical controls and policies and refining data classification taxonomies to meet audit and compliance needs. They will use KQL for SIEM queries and manage threat detection metrics such as incident volume, resolution time, and SLA adherence. The role involves direct engagement with senior leadership to drive strategic initiatives. Eventually, in mid-2026, this person would help build and staff a new 24x7 SOC, transitioning from MSSP dependency, and will be responsible for developing KPIs and SLAs for SOC operations. This is a high-impact role with visibility across executive teams and a strong emphasis on technical execution, strategic planning, and AI/ML integration for incident response.

o Prior leadership in SOC build-outs

o Experience defining KPIs and SLAs for SOC operations

o Familiarity with generative AI security implications (e.g., ChatGPT-5/OpenAI)

o Experience integrating AI/ML into threat detection