
https://www.cdwjobs.com/jobs/13534290-principal-th

at CDW LLC in Chicago, Illinois, United States

Job Description

Principal Threat Detection & Response Operations
Fueled by our shared passion and expertise, CDW delivers innovative technology solutions for our customers. We’re also committed to fostering an environment that embraces collaboration, celebrates integrity, inclusivity, and individuality, and paves the path for personal and professional growth. Experience a life in balance and join us on the journey forward.
Join CDW and help protect delivery of full stack technology solutions and global services for 250K+ customers—including corporate enterprise, government, education, and healthcare industries. You will be on a team dedicated to collaborative delivery of a new global information security strategy, operating model, and objectives to accelerate CDW’s business goals in a secure way.
Your role at CDW is of the utmost importance to the company’s mission, objectives, and reputation. As a Principal of Threat Detection Operations, you will play a pivotal role in identifying and analyzing cyber threat tactics, techniques, and procedures—ensuring proactive detection capabilities to aid the global threat detection and response mission. Your responsibilities include four parts:
What you will do:
Threat Detection and Response
Provide technical guidance for the development/improvement of the corporate cybersecurity incident response plan.
Develop incident response methodologies to triage cybersecurity events and incidents.
Collaborate with other coworkers and teams to deploy cybersecurity countermeasures during cybersecurity events and incidents.
Perform post-event and post-incident analysis to prevent recurrence.
Perform after-action analysis to identify areas and opportunities for improvement to reduce the chance or impact of future events and incidents.
Proactive Threat Detection Engineering
Lead the development of threat detection rules and use cases based on the latest threat intelligence and operational changes within CDW’s global technology ecosystem.
Collaborate with cybersecurity coworkers to develop and implement effective defensive strategies against current and emerging threats.
Provide technical guidance and mentorship to junior team members.
Drive and guide purple team exercises to help test and improve detection capabilities.
Develop and monitor metrics and key performance indicators to measure the effectiveness of the threat detection program.
Threat Hunting
Build and execute regular threat hunting campaigns focused on current, emerging, and obscure tactics, techniques, and procedures.
Proactively search for, identify, and analyze new and existing techniques to detect advanced and targeted threats.
Utilize advanced threat hunting techniques to detect anomalies and suspicious activities that may indicate a compromise.
Develop and maintain threat hunting playbooks, procedures, and best practices to enhance the efficiency and effectiveness of the threat hunting program.
Collaborate with other cybersecurity professionals, including CDW’s Cybersecurity Services team, to scale threat hunting outcomes and insights.
Threat Research and Reporting
Conduct in-depth research and analysis of current and emerging cyber threats, including attack vectors, malware behavior, and procedural tactics, techniques, and procedures.
Utilize the Diamond Model and Kill Chain models to track threat actor group profiles, trends, and tradecraft.
Develop high-quality threat insights that are relevant and actionable for CDW’s global security operations centers.
Produce detailed threat analysis reports, threat briefs, and other publications that provide insights into the latest cyber threats and attack analytics.
Collaborate with CDW’s Cybersecurity Services team to publish public threat reports, including themes, trends, and threat actor profiles.
What we expect of you:
Education and/or Experience Qualifications
Bachelor’s Degree
10 years of experience
Required Qualifications
Who you are:
You thrive on making an impact—for your team, your company, and the industry.
You are extremely hands-on with a passion for technology.
You do not accept the status quo, and always strive to improve.
You are eager to learn and seek professional development continuously.
You are resourceful, open-minded, analytical and enjoy solving complex problems.
You are diligent and self-motivated.
What we are looking for:
Strong understanding of advanced threat hunting techniques, including the use of EDR tools, network traffic analysis, and other techniques.
Experience with threat intelligence platforms, SIEM, and other cybersecurity tools and technologies such as the following: Microsoft Defender, CrowdStrike XDR, Palo Alto XSOAR, Microsoft Sentinel, Microsoft Azure Active Directory, Splunk Enterprise Security.
Strong analytical and problem-solving skills, with... For full info follow application link.

CDW is an affirmative action/equal opportunity employer committed to a diverse and inclusive workplace.


Job Posting: 12037129

Posted On: Jul 10, 2024

Updated On: Jul 10, 2024
