TDR Senior Analyst
Los Angeles, California, US
About WFS
Join our Worldwide Flight Services family and contribute to the timely delivery of cargo shipment, luggage, business to customer delivery, and on-time flights while operating safely and securely. We perform at the highest level for our customers every day and strive to be an exceptional leader in our industry with our teams of cargo, passenger, ramp handling, and technical service experts in 164 airport locations, 18 countries, and on 5 continents. Are you ready to take off on your next career with us?
Job Summary
This role serves as a senior technical contributor within the Threat Detection and Response (TDR) team, responsible for advanced detection engineering, incident response support, automation, and proactive threat hunting across a global environment. The position supports a distributed security operations model with team members across North America, EMEA, and APAC.
The TDR Senior Analyst brings deep technical expertise and acts as a functional leader for complex investigations, detection strategy, and continuous improvement of monitoring and response capabilities. This role provides technical guidance and mentoring to other analysts, drives the development and tuning of detection and response workflows, and helps mature automation and tooling across the TDR function. A strong background in systems and network engineering is highly preferred to support advanced investigation, detection design, and platform integration.
Responsibilities
- Oversee and drive investigations into complex security events by determining scope, severity, escalation requirements, urgency, and ensuring relevant evidence is identified and preserved.
- Perform and oversee incident root cause analysis to identify attack vectors, impacted systems, and contributing control gaps.
- Execute and coordinate end-to-end incident response activities, including rapid threat containment, eradication of malicious artifacts, and system recovery and restoration.
- Partner with and coordinate across global IT and security stakeholders to ensure timely, aligned response actions and effective threat remediation.
- Conduct and guide proactive threat-hunting activities across a global, distributed technology environment in alignment with established detection and response processes.
- Proactively hunt for indicators of compromise and hidden threats in logs, network traffic, and endpoint telemetry.
- Continuously tune SIEM/EDR detection rules, thresholds, and automation playbooks—automating repetitive response actions
- Coordinate with cross-functional teams (IT, DevOps, Business, etc.) during high-impact incidents and translate complex technical findings into clear, actionable insights for non-technical stakeholders
- Work closely with global SOC team members and collaborate with colleagues in other regions (e.g. joint investigations or hand-offs) to ensure seamless coverage and knowledge sharing
- Document repeatable investigation steps, findings, and actions taken for each incident type in a clear and concise manner. Prepare incident reports and contribute to post-incident review meetings, highlighting what occurred, how it was resolved, and recommendations to prevent future occurrences
Minimum Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or equivalent threat management & incident response experience
- Currently hold cybersecurity certifications such as GCIH, GCFA, GCIA, CEH, etc.
- 5 years of progressive experience in at least three of the following disciplines:
  - Threat Detection & Analysis
  - Incident Response & Management
  - Threat Hunting
  - Cyber Threat Intelligence
  - Network Security
  - Securing and monitoring operating system and cloud environments
- Function as a Level 3 SOC Analyst (analyzing and responding to cybersecurity incidents)
- Advanced understanding of emerging threats, zero-day vulnerabilities, and common attack vectors (phishing, malware, ransomware, lateral movement) with the ability to ensure rapid detection and response
- Technical expertise in forensics, network analysis, identity-based attacks, systems and network engineering
- Hands-on experience using SIEM and EDR platforms for centralized log analysis, real-time threat monitoring, and in-depth incident investigations
Preferred Skills
- Experience with automation tools and some proficiency with the shell and with scripting languages (e.g., Python, PowerShell) to automate repetitive tasks and streamline investigations
- Use hypothesis-driven techniques and knowledge of attacker behavior to uncover threats that evaded detection
- Leverage threat intelligence to enrich analysis and response. Stay up to date on new vulnerabilities and adversary tactics, adjusting monitoring rules and detection strategies
- Assist in developing and updating incident response playbooks, standard operating procedures, and knowledge base documentation
- Conduct proactive threat hunting operations to map adversary techniques, uncover stealthy threats, and close gaps in standard detection coverage
Physical Requirements/Working Conditions
- Some domestic travel for project rollouts and NA IT group meetings (~10%).
- Remain in a stationary position 50% of the time.
- Constantly operates a computer and other office productivity machinery.
- Handle/grasp documents or office equipment.
- Sit and/or stand for short or extended periods.
- Work in an office environment using standard office equipment.
- Talk, listen, and speak clearly on the telephone.
Perks & Benefits
- Want your pay in advance? Access your pay when you need it through the DailyPay app!
- Are you a top performer who thrives on recognition? On-the-spot awards offered through the Awardco Platform including gift cards and more!
- Need quality medical care? Multiple options for both full and part-time employees!
- Want WFS Employee Extras? Travel Discounts, Pet insurance, Discount Shopping & More!
- Looking to stay healthy and improve your life? Wellness Programs offered to all employees!
- Want to invest in your future? 401k program offered!
- Looking to grow and have a career with us? Opportunity for Internal Mobility and transfers available!
WFS is an equal opportunity employer committed to employment equity and inclusion. We accept applications from all qualified individuals.