Security Compliance and Validation Analyst

Insight Global's client is looking for a Security Compliance Analyst to join their team. Candidates will be collaborating with IT Security teams and stakeholders to validate remediation measures based on pen-testing and breach attack simulation findings. They will have to prioritize actions using risk assessments, investigate and resolve security incidents, prepare comprehensive reports, and ensure adherence to industry standards. Candidates will work closely with cross-functional teams to integrate security considerations into all aspects of the organization. They will conduct breach attack simulations and provide actionable recommendations for security improvements. This is a remote role.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

Required Skills & Experience
• Experience/knowledge in penetration testing, vulnerability risk assessment, and breach attack simulations.
• Knowledge of red team, adversary emulation, and purple team concepts and tools.
• Experience in identifying and analyzing false positives in vulnerability scans, penetration testing, and breach simulation results for accurate assessments.
• Strong knowledge of security tools and methodologies (e.g., Metasploit, Burp Suite, InsightVM, Tanium, Microsoft Defender, SEIM, MITRE, etc.).
• Familiar with offensive TTPs (Tactics, Techniques, and Procedures), including post-exploitation and lateral movement.
• Hands-on experience with cyber security assessment reporting
• Excellent analytical and problem-solving skills.
• Strong communication skills, both written and verbal.
• Ability to work independently and as part of a team in a fast-paced environment.
• Experience with at least one cloud environment (AWS, GCP, Azure).
• Experience in gathering and analyzing threat intelligence using platforms like ThreatConnect, Recorded Future, and MISP.

Nice to Have Skills & Experience
• Recognized industry certifications (GPEN, GXPN, GREM, eCPTX, eCPPT, OSCP, OSWE, OSEP, OSED, OSEE, etc.)
• Experience with scripting languages such as Python, Ruby, PowerShell, Bash, etc., and compiled languages such as C/C++, C#, Go, Rust, Java, etc.
• Knowledge of network protocols and technologies.
• Familiarity with cloud security principles and practices.

Strong understanding of security architecture and design.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.