Sr Security Operations Center Analyst
TQL
Cincinnati, United States of America
3 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
SeniorJob location
Cincinnati, United States of America
Tech stack
Microsoft Windows
Microsoft Active Directory
Azure
Cloud Computing
Computer Security
Linux
Identity and Access Management
Intrusion Detection and Prevention
Powershell
Phishing
Security Information and Event Management
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Mitre Att&ck
Malware
Cyber Threat Analysis
Azure Security Center
Information Technology
Microsoft Sentinel
SentinelOne Expertise
Security Orchestration, Automation & Response
Job description
As a Senior Security Operations Center (SOC) Analyst at TQL, you'll help protect one of the nation's largest freight brokerage technology environments by leading the detection, investigation, and response to cybersecurity threats. You'll partner with Infrastructure, Engineering, and Technology teams to strengthen TQL's security posture, improve detection capabilities, and respond to complex security incidents. This role is ideal for an experienced cybersecurity professional who enjoys solving complex problems, mentoring others, and continuously improving security operations.
What you'll be doing:
- Monitor, investigate, and respond to security alerts and incidents across cloud, endpoint, network, and identity environments.
- Lead incident response activities, including investigation, containment, eradication, recovery, root cause analysis, and post-incident documentation.
- Perform proactive threat hunting and leverage threat intelligence to identify emerging threats and improve detection capabilities.
- Develop, tune, and maintain SIEM detection rules, security monitoring content, and incident response playbooks.
- Monitor endpoint detection and response (EDR) tools to identify, investigate, and remediate malicious activity.
- Partner with Infrastructure and Engineering teams to identify, prioritize, and remediate security vulnerabilities.
- Serve as an escalation point for complex security investigations while mentoring junior SOC analysts and contributing to process improvements and security automation.
- Communicate technical findings and security risks to both technical and business stakeholders and support security audits and compliance initiatives.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field preferred; equivalent experience and industry certifications will be considered.
- 5+ years of experience in Security Operations, Incident Response, or a related cybersecurity role.
- Experience investigating malware, phishing, ransomware, insider threats, and other cybersecurity incidents.
- Strong experience with SIEM platforms, security analytics, and log management technologies.
- Hands-on experience with Endpoint Detection and Response (EDR) platforms such as Microsoft Defender for Endpoint, CrowdStrike, or SentinelOne.
- Experience securing and monitoring Microsoft Azure and Microsoft 365 environments.
- Strong understanding of networking, Windows and Linux operating systems, Active Directory, identity security, and cloud infrastructure.
- Experience with vulnerability management, threat intelligence, and modern incident response frameworks such as MITRE ATT&CK and NIST.
- Experience with Microsoft Sentinel, SOAR platforms, PowerShell or Python scripting, and security automation is a plus.
- Industry certifications such as Security+, CySA+, GCIH, GCIA, CISSP, Microsoft SC-200, or AZ-500 are preferred.
- Strong analytical, troubleshooting, communication, and problem-solving skills with the ability to effectively communicate complex security issues to technical and non-technical audiences.