Senior Incident Response Analyst

1 Month ago • 3-6 Years

About the job

SummaryBy Outscal

Join Blue Yonder as a Senior Incident Response Analyst in Monterrey. You'll be responsible for threat detection, monitoring, and incident response. Must have experience with SIEM, SOAR, WAF, AV, Firewalls, and malware analysis.
Title: Senior Incident Response Analyst (SOC)
Location: Monterrey, N.L.

Blue Yonder is seeking a “Hands-on” Senior Incident Response Analyst (SOC) who would be responsible for threat detection, monitoring and Incident response. Looking for suitable candidates to join SOC (Security Operations Team) Tier-2 & 3, 24x7 team as Sr. Incident Response Security Analyst. The candidate will be responsible for Daily SOC Operations and security incident response. The candidate is required to work 5 days a week, which could be weekends as well. This candidate will closely be partnering with internal security teams across the world.

Responsibilities

  • Detect and respond to cyber security threats to ensure your organization operates securely.

  • Partner with the existing internal SOC team across the world and keep the CISO informed about security operations.

  • Act as a liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients or regulatory bodies.

  • Develop incident management plans and procedures, surveying the networks for signs of a breach.

  • Coordinating and executing tabletop exercises to practice, develop plans, policies and procedures.

  • Perform proactive threat hunts to identify threats and assess the state of security controls.

  • Work with in-house red teams in order to detect offensive operations, and capture and action findings.

  • Proactively look for suspicious anomalous activity based on data alerts or data outputs from various toolsets.

  • Drive Security Incidents end-end as Incident Responders (Asses, Triage, Communication, Remediation, Documentation)

  • Develop new SIEM use-cases to detect un-usual activities.

  • Develop Incident Response Playbooks for emerging Threats/attack types.

  • Work on malware analysis, Phishing email analysis, and all other alerts reported.

  • Document the lessons learned and improve the process.

  • Responsible for completing the documentation of the investigation; determine the validity and priority of the activity and escalate to senior SOC analysts or leads.

  • Carry out Level 3 triage of incoming issues (initial assessing the priority of the event, initial determination of incident to determine risk and damage or appropriate routing of security or privacy data request)

  • Provide communication and escalation throughout the incident per the SOC guidelines.

  • Identify and manage a wide range of threat intelligence sources to provide a holistic view of the threat landscape and filter out noise to focus and execute upon actionable intelligence.

  • Leading the development of actionable use cases to detect, triage, investigate and remediate based on latest threat actor trends, support teams with the technical implementation of parsing log sources creating, validating and testing alerting queries to reduce false positives.

  • Ensure that all security events and incidents (internal / external) are logged into ServiceNow and regularly updated and closed within the set SLAs

Qualifications

  • At lest 3-6 years of proven experience in Security incident response and SOC Operations

  • Practical experience with threat detection, monitoring and incident response and implementation

  • Ability to query and write detection rules, in Security tools, (i.e., SIEM (Qradar / Splunk), SOAR, WAF, AV, Firewalls, Internet-facing services).

  • Strong technical understanding of network/OS fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS

  • Experience conducting technical analysis of security events including Malware analysis, Phishing, and digital forensics.

  • Strong written and oral communication skills.

  • Experience in investigating security issues and / or complex operational issues on Windows and Linux

  • Knowledge of email security threats and security controls, including analyzing email headers, Web attack, network traffic analysis using tools such as Wireshark.

  • Experience reviewing system and application logs (e.g., web or mail server logs)

  • Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.

  • Certifications such as GCIH, GCIA, GSEC, CEH, Security+, SSCP.

  • Results focused and attention to detail.

  • Available to work outside of their shift when needed.

At Blue Yonder, we care about the wellbeing of our employees and those most important to them. This is reflected in our robust benefits package and options that includes

  • Competitive Salary

  • Christmas Bonus (30 days)

  • Savings Fund

  • 15 Vacation Days on first two year and 60% Vacation bonus

  • Major and Minor Medical Service insurance for you and your family

  • Life Insurance

  • Totalpass

  • Annual bonus

  • And more to be shared!

#LI-JA1

Our Values


If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success – and the success of our customers. Does your heart beat like ours? Find out here: Core Values

Diversity, Inclusion, Value & Equality (DIVE) is our strategy for fostering an inclusive environment we can be proud of. Check out Blue Yonder's inaugural Diversity Report which outlines our commitment to change, and our video celebrating the differences in all of us in the words of some of our associates from around the world.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

Karnataka, India (On-Site)

Telangana, India (On-Site)

Karnataka, India (On-Site)

Telangana, India (On-Site)

England, United Kingdom (On-Site)

Masovian Voivodeship, Poland (On-Site)

Masovian Voivodeship, Poland (On-Site)

Masovian Voivodeship, Poland (On-Site)

View All Jobs

Similar Skill Jobs

Tencent - Senior Product Solution Architect - Tencent Cloud EdgeOne

Federal Territory Of Kuala Lumpur, Malaysia (On-Site)

Tencent - Cloud Engineer

Singapore (On-Site)

Nasdaq - Application Support Analyst

New South Wales, Australia (Hybrid)

Nasdaq - Technical Analyst, Calypso, Fintech

New South Wales, Australia (Hybrid)

Nasdaq - Application Support Analyst

New South Wales, Australia (Hybrid)

Nasdaq - Technical Analyst, Calypso, Fintech

New South Wales, Australia (Hybrid)

eBay - Senior Rust Developer (MTS1/2)

Shanghai, China (On-Site)

Jobs in Monterrey, Nuevo Leon, Mexico

Liquid Development - Asset Coordinator

Mexico City, Mexico (Remote)

Brillio - Manual Engineer - R01543217

Jalisco, Mexico (Hybrid)

Nielsen - Advertiser Lead Latam

Mexico City, Mexico (Hybrid)

Diligent Corporation - Contract Administrator

Jalisco, Mexico (On-Site)

Hasbro - HR Manager

Mexico City, Mexico (On-Site)

Hasbro - Assoc Manager Digital Marketing

Mexico City, Mexico (On-Site)

Software Engineering Jobs

Aristocrat Gaming - Payout & Risk Operator

New Hampshire, United States (Hybrid)

Scientific Games  - Package Assembly Tech II

Georgia, United States (On-Site)

Activision - Lead Network Programmer

Masovian Voivodeship, Poland (On-Site)

Warner Bros. Games - Staff Data Engineer- C360, Hyderabad

Telangana, India (Hybrid)

Warner Bros. Games - Data Engineer II - C360, Hyderabad

Telangana, India (Hybrid)

Aristocrat Gaming - QA Manual (Pasino)

Masovian Voivodeship, Poland (Hybrid)

Aristocrat Gaming - QA Manual (Pasino)

Lesser Poland Voivodeship, Poland (Hybrid)

DraftKings - Software Engineering Manager

Massachusetts, United States (On-Site)

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug