About the Role
Job Title:
Threat Detection/Incident Response (TDIR) Analyst
Address:
United States
Job Description
Lead and support incident response activities across the full lifecycle: detection, containment, eradication, recovery, and post-incident documentation.
Serve as incident commander during high-severity security events by driving response plans, assigning ownership and tasks, and maintaining operational tempo.
Conduct proactive threat hunting and detection engineering using EDR platforms, preferably CrowdStrike.
Develop, tune, and maintain Splunk SPL queries, dashboards, and alerts to support detection and investigation workflows.
Collaborate closely with threat intelligence teams to translate intelligence into actionable detections.
Support cross-functional security initiatives and contribute to automation, tooling improvements, and workflow optimization.
Critical Information
Must reside in one of the following states: Alabama, California, Georgia, Indiana, Kentucky, Michigan, Missouri, Ohio, North Carolina, Pennsylvania, South Carolina, Tennessee, Texas, Florida, Washington.
Participate in an on-call rotation, including weekends and holidays, as required.
Education/Licenses Needed
5–10 years of hands-on experience in Security Operations, Incident Response, or equivalent SOC environments.
Advanced proficiency with Splunk, including SPL development, dashboards, investigations, and threat hunting.
Relevant certifications are a plus: GCIH, GCIA, GCFA, GMON, GNFA, OSCP, CCFA.
Benefits:
Benefits are available to full-time employees after 90 days of employment.
A 401(k) with company match is available after 1 year of service.
This is an AI-formatted job description; recruiter confirmation required.
Tech Stack
threat hunting, Splunk SPL, EDR platforms, CrowdStrike, incident response, threat intelligence, detection engineering