General informationCountry USA
State Ohio
City Cincinnati
Descriptions & requirementsAbout the role:As a Senior Security Operations Center (SOC) Analyst at TQL, you'll help protect one of the nation's largest freight brokerage technology environments by leading the detection, investigation, and response to cybersecurity threats. You'll partner with Infrastructure, Engineering, and Technology teams to strengthen TQL's security posture, improve detection capabilities, and respond to complex security incidents. This role is ideal for an experienced cybersecurity professional who enjoys solving complex problems, mentoring others, and continuously improving security operations.
What you'll be doing:- Monitor, investigate, and respond to security alerts and incidents across cloud, endpoint, network, and identity environments.
- Lead incident response activities, including investigation, containment, eradication, recovery, root cause analysis, and post-incident documentation.
- Perform proactive threat hunting and leverage threat intelligence to identify emerging threats and improve detection capabilities.
- Develop, tune, and maintain SIEM detection rules, security monitoring content, and incident response playbooks.
- Monitor endpoint detection and response (EDR) tools to identify, investigate, and remediate malicious activity.
- Partner with Infrastructure and Engineering teams to identify, prioritize, and remediate security vulnerabilities.
- Serve as an escalation point for complex security investigations while mentoring junior SOC analysts and contributing to process improvements and security automation.
- Communicate technical findings and security risks to both technical and business stakeholders and support security audits and compliance initiatives.
What you need:- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field preferred; equivalent experience and industry certifications will be considered.
- 5+ years of experience in Security Operations, Incident Response, or a related cybersecurity role.
- Experience investigating malware, phishing, ransomware, insider threats, and other cybersecurity incidents.
- Strong experience with SIEM platforms, security analytics, and log management technologies.
- Hands-on experience with Endpoint Detection and Response (EDR) platforms such as Microsoft Defender for Endpoint, CrowdStrike, or SentinelOne.
- Experience securing and monitoring Microsoft Azure and Microsoft 365 environments.
- Strong understanding of networking, Windows and Linux operating systems, Active Directory, identity security, and cloud infrastructure.
- Experience with vulnerability management, threat intelligence, and modern incident response frameworks such as MITRE ATT&CK and NIST.
- Experience with Microsoft Sentinel, SOAR platforms, PowerShell or Python scripting, and security automation is a plus.
- Industry certifications such as Security+, CySA+, GCIH, GCIA, CISSP, Microsoft SC-200, or AZ-500 are preferred.
- Strong analytical, troubleshooting, communication, and problem-solving skills with the ability to effectively communicate complex security issues to technical and non-technical audiences.
Where you'll be: 4289 Ivy Pointe Blvd., Cincinnati, Ohio 45245
Employment visa sponsorship is unavailable for this position. Applicants requiring employment visa sponsorship now or in the future (e.g., F-1 STEM OPT, H-1B, TN, J1 etc.) will not be considered