Sr Security Operations Center Analyst

TQL
Cincinnati, United States of America
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Cincinnati, United States of America

Tech stack

Microsoft Windows
Microsoft Active Directory
Azure
Cloud Computing
Computer Security
Linux
Identity and Access Management
Intrusion Detection and Prevention
Powershell
Phishing
Security Information and Event Management
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Mitre Att&ck
Malware
Cyber Threat Analysis
Azure Security Center
Information Technology
Microsoft Sentinel
SentinelOne Expertise
Security Orchestration, Automation & Response

Job description

As a Senior Security Operations Center (SOC) Analyst at TQL, you'll help protect one of the nation's largest freight brokerage technology environments by leading the detection, investigation, and response to cybersecurity threats. You'll partner with Infrastructure, Engineering, and Technology teams to strengthen TQL's security posture, improve detection capabilities, and respond to complex security incidents. This role is ideal for an experienced cybersecurity professional who enjoys solving complex problems, mentoring others, and continuously improving security operations.

What you'll be doing:

  • Monitor, investigate, and respond to security alerts and incidents across cloud, endpoint, network, and identity environments.
  • Lead incident response activities, including investigation, containment, eradication, recovery, root cause analysis, and post-incident documentation.
  • Perform proactive threat hunting and leverage threat intelligence to identify emerging threats and improve detection capabilities.
  • Develop, tune, and maintain SIEM detection rules, security monitoring content, and incident response playbooks.
  • Monitor endpoint detection and response (EDR) tools to identify, investigate, and remediate malicious activity.
  • Partner with Infrastructure and Engineering teams to identify, prioritize, and remediate security vulnerabilities.
  • Serve as an escalation point for complex security investigations while mentoring junior SOC analysts and contributing to process improvements and security automation.
  • Communicate technical findings and security risks to both technical and business stakeholders and support security audits and compliance initiatives.

Requirements

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field preferred; equivalent experience and industry certifications will be considered.
  • 5+ years of experience in Security Operations, Incident Response, or a related cybersecurity role.
  • Experience investigating malware, phishing, ransomware, insider threats, and other cybersecurity incidents.
  • Strong experience with SIEM platforms, security analytics, and log management technologies.
  • Hands-on experience with Endpoint Detection and Response (EDR) platforms such as Microsoft Defender for Endpoint, CrowdStrike, or SentinelOne.
  • Experience securing and monitoring Microsoft Azure and Microsoft 365 environments.
  • Strong understanding of networking, Windows and Linux operating systems, Active Directory, identity security, and cloud infrastructure.
  • Experience with vulnerability management, threat intelligence, and modern incident response frameworks such as MITRE ATT&CK and NIST.
  • Experience with Microsoft Sentinel, SOAR platforms, PowerShell or Python scripting, and security automation is a plus.
  • Industry certifications such as Security+, CySA+, GCIH, GCIA, CISSP, Microsoft SC-200, or AZ-500 are preferred.
  • Strong analytical, troubleshooting, communication, and problem-solving skills with the ability to effectively communicate complex security issues to technical and non-technical audiences.

Apply for this position