
Principal TDR Analyst
Posted 10 hours ago

This is a fully remote position, open to applicants in Texas.
• Oversee investigations into intricate events, assess the extent and seriousness of incidents, determine escalation requirements, urgency, and collect pertinent evidence.
• Direct root cause analysis for incidents, pinpoint attack vectors, and identify impacted systems.
• Implement incident response measures from start to finish, including swift containment of threats, removal of malicious artifacts, and restoration of systems.
• Head threat hunting initiatives across a worldwide, distributed technology landscape.
• Actively seek out indicators of compromise and concealed threats within logs, network traffic, and endpoint telemetry.
• Consistently refine SIEM/EDR detection rules, thresholds, and automation playbooks—automating repetitive response tasks.
• Utilize threat intelligence to enhance analysis and response efforts.
• Keep abreast of new vulnerabilities and adversary tactics, adjusting monitoring rules and detection strategies accordingly.
• Conduct proactive threat hunting missions to chart adversary techniques, uncover hidden threats, and bridge gaps in standard detection coverage.
• Coordinate with cross-functional teams (IT, DevOps, Business, etc.) during significant incidents, translating complex technical findings into clear, actionable insights for non-technical stakeholders.
• Collaborate closely with global SOC team members and engage with colleagues in other regions (e.g., joint investigations or transitions) to guarantee seamless coverage and knowledge sharing.
• Document repeatable investigation processes, findings, and actions taken for each incident type in a clear and concise manner.
• Prepare incident reports and contribute to post-incident review meetings, emphasizing what transpired, how it was resolved, and recommendations to avert future occurrences.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or equivalent experience in threat management & incident response.
• Currently possess cybersecurity certifications such as GCIH, GCFA, GCIA, CEH, etc.
• A decade of progressive experience in at least three of the following areas: Threat Detection & Analysis, Incident Response & Management, Threat Hunting, Cyber Threat Intelligence, Network Security, Securing and monitoring operating systems and cloud environments.
• Operate as a Level 3 SOC Analyst (analyzing and responding to cybersecurity incidents).
• Advanced comprehension of emerging threats, zero-day vulnerabilities, and common attack vectors (phishing, malware, ransomware, lateral movement) with the capability to ensure swift detection and response.
• Practical experience using SIEM and EDR platforms for centralized log analysis, real-time threat monitoring, and comprehensive incident investigations.
• Proficient in command line (win/*nix) and in applying scripting languages for data analysis and investigations.
• Familiarity with cyber threat intelligence feeds and standards, integrating indicators and threat intel into monitoring operations to enhance context and foresee emerging threats.
• Access your pay when you need it through the DailyPay app!
• On-the-spot awards available through the Awardco Platform, including gift cards and more!
• Multiple options available for both full-time and part-time employees!
• Travel discounts, pet insurance, discount shopping & more!
• Wellness programs provided to all employees!
• 401k program available!
• Opportunities for internal mobility and transfers are available!
EIS Group
HCA Healthcare
Dragonfli Group
ePlus Technology Solutions