Security and Incident Response Lead
Dallas, United States
Full Time Senior-level / Expert USD 105K - 132K
Blue Yonder
Transforming supply chains through an end-to-end platform for planning, execution, commerce and returns.
Role: Security and Incident Response Lead
Location: Dallas, TX or Scottsdale, AZ (must be local to either Dallas or Scottsdale, but will work remotely)
Synonymous Business Title(s): Security Architect
Overview:
Blue Yonder is a Leading AI-driven Global Supply Chain Solutions Software Product Company and one of Glassdoor’s “Best Places to Work”. This role is responsible for overseeing the detection, investigation, containment, and remediation of security incidents to protect the organization's systems, data, customers and reputation. The candidate will lead high-priority incident response efforts, coordinating with cross-functional teams such as IT, legal, and compliance to mitigate threats effectively.
What you’ll do:
- Monitor and Analyze Security Alerts – Review alerts generated by security systems, appliances, and logs to determine the appropriate course of action to protect the enterprise and reduce overall risk.
- Incident Triage and Response – Quickly assess, prioritize, and respond to security incidents, ensuring timely containment, eradication, and recovery to minimize business impact.
- Root Cause Analysis (RCA) – Investigate security incidents to determine root causes, attack vectors, and vulnerabilities, providing recommendations to reduce the attack surface and prevent recurrence.
- Threat Hunting and Proactive Defense – Conduct proactive threat-hunting activities based on intelligence, anomalies, and adversary tactics to identify and mitigate threats before they escalate.
- Collaboration with Cross-Functional Teams – Work closely with IT, engineering, legal, compliance, and other teams to coordinate incident response efforts and ensure an effective security posture.
- Incident Documentation and Reporting – Maintain detailed documentation of security incidents, response actions, and lessons learned, ensuring continuous improvement in security processes.
- Develop and Improve Incident Response Playbooks – Enhance and maintain incident response procedures, ensuring alignment with industry best practices and emerging threats.
- Security Awareness and Training – Provide guidance, training, and mentorship to SOC analysts and IT staff on security threats, incident handling, and response best practices.
- Threat Intelligence Integration – Leverage threat intelligence sources to stay informed on evolving cyber threats and proactively adjust security strategies to defend against them.
What we are looking for:
- Bachelor's degree in Computer Science, Information Security, or related equivalent experience
- 5+ years of experience in information security, cybersecurity, or a related security discipline.
- Knowledge of security frameworks such as NIST and ISO 27001
- Familiarity with security regulations and standards (e.g. PCI DSS, HIPAA)
- Experience with incident response methodologies and tools (e.g. the SANS incident response process, threat intelligence)
- Knowledge of various operating systems, networks, and security technologies
- Security+, GIAC Certified Incident Handler (GCIH), or equivalent certification preferred
- Strong familiarity with cloud security technologies and frameworks across major cloud providers (AWS, Azure, Google Cloud) is essential. The candidate should have experience with cloud-native security monitoring, incident response in cloud environments, and threat detection techniques to protect workloads, data, and identities in hybrid and multi-cloud architectures.
The candidate should have hands-on familiarity with all of the technologies below:
- Security Information and Event Management (SIEM)
- Endpoint Detection and Response (EDR) / Extended Detection and Response (XDR)
- Network Security Monitoring & Intrusion Detection/Prevention Systems (IDS/IPS)
- Threat Intelligence Platforms (TIP)
- Security Orchestration, Automation, and Response (SOAR)
- Digital Forensics and Incident Response (DFIR) Tools
- Malware Analysis & Reverse Engineering Tools
- Vulnerability Management & Assessment
- Web Application Security Testing Tools
- Cloud Security Monitoring & Protection
- Email Security & Phishing Protection
- Deception & Honeypot Technologies
- Data Loss Prevention (DLP)
- Privileged Access Management (PAM) & Identity Security
- Firewall & Next-Generation Firewall (NGFW) Solutions
-------------------------------------------
The salary range for this position is $105,262 - $132,738
The salary range information provided, reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual salary will be commensurate with skills, experience, certifications or licenses and other relevant factors. In addition, this role will be eligible to participate in either the annual performance bonus or commission program, determined by the nature of the position.
At Blue Yonder, we care about the wellbeing of our employees and those most important to them. This is reflected in our robust benefits package and options that includes:
Comprehensive Medical, Dental and Vision
401K with Matching
Flexible Time Off
Corporate Fitness Program
A variety of voluntary benefits such as: Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more
At Blue Yonder, we are committed to a workplace that genuinely fosters inclusion and belonging in which everyone can share their unique voices and talents in a safe space. We continue to be guided by our core values and are proud of our diverse culture as an equal opportunity employer. We understand that your career search may look different than others, and embrace the professional, personal, educational, and volunteer opportunities through which people gain experience.
Our Values
If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success – and the success of our customers. Does your heart beat like ours? Find out here: Core Values
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Tags: Application security Automation AWS Azure Cloud Compliance Computer Science DFIR EDR Firewalls Forensics GCIH GCP HIPAA Honeypots IDS Incident response Intrusion detection IPS ISO 27001 Malware Monitoring Network security NGFW NIST PCI DSS Reverse engineering SANS SIEM SOAR SOC Threat detection Threat intelligence Vulnerabilities Vulnerability management XDR
Perks/benefits: Equity / stock options Flex vacation Health care Insurance Salary bonus