Principal TDR Analyst
Dallas (Remote), Texas, US
About WFS
Join our Worldwide Flight Services family and contribute to the timely delivery of cargo shipment, luggage, business to customer delivery, and on-time flights while operating safely and securely. We perform at the highest level for our customers every day, and strive to be an exceptional leader in our industry with our teams of cargo, passenger, ramp handling, and technical service experts in 227 airport locations in 27 countries on 5 continents. Are you ready to take off on your next career with us?
Job Summary
The Cyber Security Principal TDR Analyst position is a subject matter expert who serves as a senior threat detection and response analyst with day-to-day focus on detection, incident response, tuning, automation, and threat hunting. The role supports a global organization with team members in North America, EMEA, and APAC regions.
This senior analyst role combines technical expertise with a background that includes mentoring team members, leading complex investigations, implementing automation, creating new detection capabilities, and continuously improving their own knowledge and skillset. Additionally, having a background in systems and network engineering is ideal.
Responsibilities
- Lead investigations into complex events, determine the scope and severity of incidents, escalation needs, urgency, and gather relevant evidence
- Lead incident root cause analysis, identify attack vectors, and affected systems
- Execute incident response actions end-to-end – including rapid containment of threats, eradication of malicious artifacts, and system restoration
- Lead threat hunting operations across a global, distributed technology environment
- Proactively hunt for indicators of compromise and hidden threats in logs, network traffic, and endpoint telemetry. Use hypothesis-driven techniques and knowledge of attacker behavior to uncover threats that evaded detection
- Continuously tune SIEM/EDR detection rules, thresholds, and automation playbooks—automating repetitive response actions
- Leverage threat intelligence to enrich analysis and response. Stay up to date on new vulnerabilities and adversary tactics, adjusting monitoring rules and detection strategies accordingly
- Conduct proactive threat hunting operations to map adversary techniques, uncover stealthy threats, and close gaps in standard detection coverage
- Coordinate with cross-functional teams (IT, DevOps, Business, etc.) during high-impact incidents and translate complex technical findings into clear, actionable insights for non-technical stakeholders
- Work closely with global SOC team members and collaborate with colleagues in other regions (e.g. joint investigations or hand-offs) to ensure seamless coverage and knowledge sharing
- Document repeatable investigation steps, findings, and actions taken for each incident type in a clear and concise manner. Prepare incident reports and contribute to post-incident review meetings, highlighting what occurred, how it was resolved, and recommendations to prevent future occurrences
Minimum Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or equivalent threat management & incident response experience
- Currently hold cybersecurity certifications such as GCIH, GCFA, GCIA, CEH, etc.
- 10 years of progressive experience in at least three of the following disciplines:
  - Threat Detection & Analysis
  - Incident Response & Management
  - Threat Hunting
  - Cyber Threat Intelligence
  - Network Security
  - Securing and monitoring operating system and cloud environments
- Ability to function as a Level 3 SOC Analyst (analyzing and responding to cybersecurity incidents)
- Advanced understanding of emerging threats, zero-day vulnerabilities, and common attack vectors (phishing, malware, ransomware, lateral movement) with the ability to ensure rapid detection and response
- Hands-on experience using SIEM and EDR platforms for centralized log analysis, real-time threat monitoring, and in-depth incident investigations
- Proficiency at the command line (Windows/*nix) and in applying scripting languages for data analysis and investigations
- Familiarity with cyber threat intelligence feeds and standards, incorporating indicators and threat intel into monitoring operations to enrich context and anticipate emerging threats
Physical Requirements/Working Conditions
- Some domestic travel for project rollouts and NA IT group meetings (~10%).
- Remain in a stationary position 50% of the time.
- Constantly operates a computer and other office productivity machinery.
- Handle/grasp documents or office equipment.
- Sit and/or stand for short or extended periods.
- Work in an office environment using standard office equipment.
- Talk, listen, and speak clearly on the telephone.
Perks & Benefits
- Want your pay in advance? Access your pay when you need it through DailyPay app!
- Are you a top performer who thrives on recognition? On the spot awards offered through the Awardco Platform including gift cards and more!
- Need quality medical care? Multiple options for both full and part-time employees!
- Want WFS Employee Extras? Travel Discounts, Pet insurance, Discount Shopping & More!
- Looking to stay healthy and improve your life? Wellness Programs offered to all employees!
- Want to invest in your future? 401k program offered!
- Looking to grow and have a career with us? Opportunity for Internal Mobility and transfers available!
WFS is an equal opportunity employer committed to employment equity and inclusion. We accept applications from all qualified individuals.