Sr. Cybersecurity Incident Response Analyst

Location: Monterrey, MexicoRole: Sr.Cybersecurity Incident Response Analyst (Threat Hunting)Blue Yonder Job Profile: Sr.Security Engineer, Security ArchitectOverviewBlue Yonder, a leading supply chain software company, is seeking a Sr Cybersecurity Incident Response Analyst (Threat Hunting) to join its Security Operations (SOC) team.The successful candidate will be responsible for assisting with the organization's Tier 2 incident response efforts in the event of a security breach or cyber-attack.This role requires strong technical skills, attention to detail, and the ability to work under pressure.The Sr Incident Response Analyst will work closely with the Security team to develop and maintain incident response plans, conduct investigations, and provide technical guidance and support during incident response activities.Blue Yonder is seeking a candidate with a deep passion for cybersecurity, eager to stay ahead of emerging threats and continuously enhance our security posture.The ideal candidate is driven, proactive, and committed to protecting the enterprise through effective threat detection, response, and mitigation strategies.Scope/ResponsibilitiesThis role is responsible for assisting with the detection, investigation, containment, and remediation of security incidents to protect an organization's systems, data, customers and reputation.They lead high-priority incident response efforts, coordinating with cross-functional teams such as IT, legal, and compliance to mitigate threats effectively.Technical EnvironmentCandidate should be very familiar with all the belowSecurity Information and Event Management (SIEM)Endpoint Detection and Response (EDR) / Extended Detection and Response (XDR)Network Security Monitoring & Intrusion Detection/Prevention Systems (IDS/IPS)Threat Intelligence Platforms (TIP)Security Orchestration, Automation, and Response (SOAR)Digital Forensics and Incident Response (DFIR) ToolsMalware Analysis & Reverse Engineering ToolsVulnerability Management & AssessmentWeb Application Security Testing ToolsCloud Security Monitoring & ProtectionEmail Security & Phishing ProtectionDeception & Honeypot TechnologiesData Loss Prevention (DLP)Privileged Access Management (PAM) & Identity SecurityFirewall & Next-Generation Firewall (NGFW) SolutionsWhat you'll doMonitor and Analyze Security Alerts – Review alerts generated by security systems, appliances, and logs to determine the appropriate course of action to protect the enterprise and reduce overall risk.Incident Triage and Response – Quickly assess, prioritize, and respond to security incidents, ensuring timely containment, eradication, and recovery to minimize business impact.Root Cause Analysis (RCA) – Investigate security incidents to determine root causes, attack vectors, and vulnerabilities, providing recommendations to reduce the attack surface and prevent recurrence.Threat Hunting and Proactive Defense – Conduct proactive threat-hunting activities based on intelligence, anomalies, and adversary tactics to identify and mitigate threats before they escalate.Collaboration with Cross-Functional Teams – Work closely with IT, engineering, legal, compliance, and other teams to coordinate incident response efforts and ensure an effective security posture.Incident Documentation and Reporting – Maintain detailed documentation of security incidents, response actions, and lessons learned, ensuring continuous improvement in security processes.Develop and Improve Incident Response Playbooks – Enhance and maintain incident response procedures, ensuring alignment with industry best practices and emerging threats.Security Awareness and Training – Provide guidance, training, and mentorship to SOC analysts and IT staff on security threats, incident handling, and response best practices.Threat Intelligence Integration – Leverage threat intelligence sources to stay informed on evolving cyber threats and proactively adjust security strategies to defend against them.Strong familiarity with cloud security technologies and frameworks across major cloud providers (AWS, Azure, Google Cloud) is essential.The candidate should have experience with cloud-native security monitoring, incident response in cloud environments, and threat detection techniques to protect workloads, data, and identities in hybrid and multi-cloud architectures.What we are looking forBachelor's degree in Computer Science, Information Security, or related equivalent experience5+ years of experience in information security, cybersecurity, or related fieldStrong technical skills and attention to detailExcellent verbal and written communication skillsAbility to work independently and as part of a teamAbility to work under pressure and in a fast-paced environmentStrong problem-solving skills and a proactive approach to workKnowledge of security frameworks such as NIST and ISO *****Familiarity with security regulations and standards (e.g. PCI DSS, HIPAA, etc.)Experience with incident response methodologies and tools (e.g. SANS IR, Threat Intelligence, etc.)All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.#J-*****-Ljbffr