Experienced Senior TDIR Analyst to lead high-severity incident response and enhance detection capabilities. Requires strong technical leadership, Splunk proficiency, and hands-on experience in enterprise SOC environments. This is a remote, 6-month contract role with potential for extension.
Job Description
Dice is the leading career destination for tech experts at every stage of their careers. Our client, Bayforce, is seeking the following. Apply via Dice today!
- NO 3rd Parties or Sponsorship!
Location: Remote
Threat Detection & Incident Response (TDIR) Analyst – Senior
We are seeking an experienced Threat Detection & Incident Response (TDIR) Analyst to join our global cybersecurity team. This is a hands-on senior-level role, not a Tier 1 SOC position.
The ideal candidate is a confident technical leader who can own high-severity incidents end-to-end, make sound decisions under pressure, and continuously improve detection and response capabilities across the enterprise.
In this role, you will:
- Lead response efforts during high-severity security incidents
- Take clear ownership and make informed decisions under pressure
- Build and enhance detection capabilities—not just monitor alerts
- Collaborate effectively across security and enterprise teams
- Continuously improve detection coverage, response speed, and operational maturity
Incident Response & Command
- Lead and support incident response across the full lifecycle: detection, containment, eradication, recovery, and post‑incident review
- Serve as incident commander during high‑severity events by:
  - Driving clear response plans
  - Assigning tasks and ownership
  - Maintaining operational momentum
  - Escalating with accuracy, context, and sound judgment
- Participate in an on‑call rotation, including weekends and holidays, as required
- Conduct proactive threat hunting and detection engineering using EDR platforms (CrowdStrike preferred)
- Develop, tune, and maintain Splunk SPL queries, dashboards, and alerts
- Apply hypothesis‑driven research techniques to expand detection coverage and reduce adversary dwell time
- Partner with threat intelligence teams to convert intelligence into actionable detections
- Contribute to automation, tooling enhancements, and workflow optimization
- Support cross‑functional security initiatives and enterprise‑wide cybersecurity projects
- Demonstrated experience leading high‑severity security incidents
- Strong sense of ownership, accountability, and prioritization
- Minimum five (5) years of hands‑on experience in Security Operations, Incident Response, or equivalent enterprise SOC environments
- Advanced proficiency with Splunk, including:
  - SPL development
  - Dashboards and alerts
  - Investigations and threat hunting
- Ability to operate effectively in fast‑paced, high-volume, enterprise‑scale environments
- Experience with EDR platforms (CrowdStrike preferred)
- Threat hunting and detection engineering experience
- Familiarity with the threat intelligence lifecycle and analytical frameworks (e.g., Diamond Model)
- Hypothesis‑driven detection or automation development experience
- Working knowledge of network protocols and infrastructure (CCNA certification is a plus)
- Relevant certifications (preferred, not required):
  - GCIH, GCIA, GCFA, GMON, GNFA, OSCP, CCFA