.Blue YonderTransforming supply chains through an end-to-end platform for planning, execution, commerce, and returns.Blue Yonder is seeking a "Hands-on" Senior Incident Response Analyst (SOC) who would be responsible for threat detection, monitoring, and incident response. Looking for suitable candidates to join SOC (Security Operations Team) Tier-2 & 3, 24x7 team as Sr. Incident Response Security Analyst. The candidate will be responsible for daily SOC operations and security incident response. The candidate is required to work 5 days a week, which could be weekends as well. This candidate will closely partner with internal security teams across the world.ResponsibilitiesDetect and respond to cyber security threats to ensure your organization operates securely.Partner with the existing internal SOC team across the world and keep the CISO informed about security operations.Act as a liaison between the SOC team, other internal stakeholders, and external parties such as vendors, clients, or regulatory bodies.Develop incident management plans and procedures, surveying the networks for signs of a breach.Coordinate and execute tabletop exercises to practice, develop plans, policies, and procedures.Perform proactive threat hunts to identify threats and assess the state of security controls.Work with in-house red teams in order to detect offensive operations, and capture and action findings.Proactively look for suspicious anomalous activity based on data alerts or data outputs from various toolsets.Drive security incidents end-to-end as incident responders (assess, triage, communication, remediation, documentation).Develop new SIEM use-cases to detect unusual activities.Develop incident response playbooks for emerging threats/attack types.Work on malware analysis, phishing email analysis, and all other alerts reported.Document the lessons learned and improve the process.Responsible for completing the documentation of the investigation; determine the validity and priority of the activity and escalate to senior SOC analysts or leads.Carry out Level 3 triage of incoming issues (initial assessing the priority of the event, initial determination of incident to determine risk and damage or appropriate routing of security or privacy data request).Provide communication and escalation throughout the incident per the SOC guidelines.Identify and manage a wide range of threat intelligence sources to provide a holistic view of the threat landscape and filter out noise to focus and execute upon actionable intelligence.Lead the development of actionable use cases to detect, triage, investigate, and remediate based on latest threat actor trends, support teams with the technical implementation of parsing log sources creating, validating, and testing alerting queries to reduce false positives.Ensure that all security events and incidents (internal/external) are logged into ServiceNow and regularly updated and closed within the set SLAs