Sr Security Operations Center Analyst
Total Quality Logistics · Cincinnati, OH · 3 days ago
Information TechnologyFull-time
About the role
As a Senior Security Operations Center (SOC) Analyst at TQL, you'll help protect one of the nation's largest freight brokerage technology environments by leading the detection, investigation, and response to cybersecurity threats. You'll partner with Infrastructure, Engineering, and Technology teams to strengthen TQL's security posture, improve detection capabilities, and respond to complex security incidents. This role is ideal for an experienced cybersecurity professional who enjoys solving complex problems, mentoring others, and continuously improving security operations.
What you'll be doing
- Monitor, investigate, and respond to security alerts and incidents across cloud, endpoint, network, and identity environments.
- Lead incident response activities, including investigation, containment, eradication, recovery, root cause analysis, and post-incident documentation.
- Perform proactive threat hunting and leverage threat intelligence to identify emerging threats and improve detection capabilities.
- Develop, tune, and maintain SIEM detection rules, security monitoring content, and incident response playbooks.
- Monitor endpoint detection and response (EDR) tools to identify, investigate, and remediate malicious activity.
- Partner with Infrastructure and Engineering teams to identify, prioritize, and remediate security vulnerabilities.
- Serve as an escalation point for complex security investigations while mentoring junior SOC analysts and contributing to process improvements and security automation.
- Communicate technical findings and security risks to both technical and business stakeholders and support security audits and compliance initiatives.
What you need
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field preferred; equivalent experience and industry certifications will be considered.
- 5+ years of experience in Security Operations, Incident Response, or a related cybersecurity role.
- Experience investigating malware, phishing, ransomware, insider threats, and other cybersecurity incidents.
- Strong experience with SIEM platforms, security analytics, and log management technologies.
- Hands-on experience with Endpoint Detection and Response (EDR) platforms such as Microsoft Defender for Endpoint, CrowdStrike, or SentinelOne.
- Experience securing and monitoring Microsoft Azure and Microsoft 365 environments.
- Strong understanding of networking, Windows and Linux operating systems, Active Directory, identity security, and cloud infrastructure.
- Experience with vulnerability management, threat intelligence, and modern incident response frameworks such as MITRE ATT&CK and NIST.
- Experience with Microsoft Sentinel, SOAR platforms, PowerShell or Python scripting, and security automation is a plus.
- Industry certifications such as Security+, CySA+, GCIH, GCIA, CISSP, Microsoft SC-200, or AZ-500 are preferred.
- Strong analytical, troubleshooting, communication, and problem-solving skills with the ability to effectively communicate complex security issues to technical and non-technical audiences.
Where you'll be
4289 Ivy Pointe Blvd., Cincinnati, Ohio 45245
Pay
TBD
Schedule
TBD
Benefits
TBD