Incident Detection and Response Engineer

Incident Detection and Response Engineer

Join to apply for the Incident Detection and Response Engineer role at Total Quality Logistics

4 days ago Be among the first 25 applicants

Join to apply for the Incident Detection and Response Engineer role at Total Quality Logistics

Get AI-powered advice on this job and more exclusive features.

As the Incident Detection & Response Engineer for TQL, you will design, build and maintain the systems, integrations and automation that power the organization’s incident detection and response capabilities. This role focuses on creating resilient, scalable tools and detection logic that enable the Security Operations Center (SOC) and Incident Response (IR) teams to detect and respond to threats faster and more effectively.

What’s in it for you:

• $95,000-$135,000 base + performance bonus
• Position based in Cincinnati, OH;
  Charlotte, NC; or Tampa, FL (relocation assistance provided)
• Advancement opportunities with aggressive and structure career paths
• A culture of continuous education and technical training with reimbursements available
• Hybrid work environment with the ability to work remotely 40 hours per month
• Health, dental and vision coverage
• 401(k) with company match
• Perks including employee discounts, financial wellness planning, tuition reimbursement and more
• Certified Great Place to Work and voted a Computerworld Best Places to Work in IT

What you’ll be doing:

• Deploy, configure, and maintain SIEM platforms, intrusion detection systems, and other SOC tools
• Design and implement scalable detection logic and correlation rules in SIEM, EDR/XDR, and cloud-native security platforms
• Build data pipelines and integrations to enrich security telemetry from endpoints, networks, and cloud sources
• Ensure security monitoring tools collect accurate, actionable data
• Collaborate with incident responders to codify behavioral analytics and detection logic using MITRE ATT&CK and other models
• Create APIs, dashboards, and data visualizations to support threat hunting and incident triage
• Continuously improve tooling performance, reliability, and usability through feedback from incident responders
• Evaluate and integrate open-source and commercial security tools into the detection and response ecosystem
• Contribute to red/purple team exercises by building simulation and detection validation tooling
• Work with security leadership to define and track metrics for detection coverage, response time, alert fidelity, and tooling effectiveness
• Develop and maintain detection-as-code frameworks using version control and CI/CD pipelines

What you need:

• Bachelor’s degree in Computer Science, Software Engineering, or related field, or equivalent combination of education and experience
• Certifications such as GCDA, GCTI, or relevant cloud security credentials preferred
• 3+ years experience in incident response or security operations
• Experience managing and maintaining security solutions, SIEM, log ingestion pipelines, and API integrations
• Proficiency in Python, Go, Powershell, or similar languages used in security tooling
• Strong understanding of cloud-native architectures (Azure, AWS, GCP) and associated security services
• Familiarity with infrastructure-as-code (Terraform, Ansible) and CI/CD pipelines
• Solid grasp of detection engineering principles and adversary techniques (MITRE ATT&CK, kill chain)
• Knowledge of data streaming/search technologies (e.g., Kafka, Elasticsearch)

Employment visa sponsorship is unavailable for this position. Applicants requiring employment visa sponsorship now or in the future (e.g., F-1 STEM OPT, H-1B, TN, J1 etc.) will not be considered.

Referrals increase your chances of interviewing at Total Quality Logistics by 2x

Apply BELOW