Principal, Threat Operationsat CDW Careers

Join CDW and help protect delivery of full stack technology solutions and global services for 250K+ customers—including corporate enterprise, government, education, and healthcare industries. You will be on a team dedicated to collaborative delivery of a new global information security strategy, operating model, and objectives to accelerate CDW’s business goals in a secure way.

Your role at CDW is of the utmost importance to the company’s mission, objectives, and reputation. As the Lead and Principal of Threat Operations, you will play a pivotal role in identifying and analyzing cyber threat tactics, techniques, and procedures—ensuring proactive detection capabilities to aid the global threat detection and response mission. Your responsibilities include three parts:

Key Areas of Responsibilities 

Threat Detection Engineering

• Lead the development of threat detection rules and use cases based on the latest threat intelligence and operational changes within CDW’s global technology ecosystem.
• Develop and monitor metrics and key performance indicators to measure the effectiveness of the threat detection program.
• Provide technical guidance and mentorship to junior team members (direct reports and indirect reports).
• Drive and guide purple team exercises to help test and improve detection capabilities.
• Collaborate with cybersecurity coworkers to develop and implement effective defensive strategies against current and emerging threats.

Threat Hunting

• Build and execute regular threat hunting campaigns focused on current, emerging, and obscure tactics, techniques, and procedures.
• Proactively search for, identify, and analyze new and existing techniques to detect advanced and targeted threats.
• Utilize advanced threat hunting techniques to detect anomalies and suspicious activities that may indicate a compromise.
• Develop and maintain threat hunting playbooks, procedures, and best practices to enhance the efficiency and effectiveness of the threat hunting program.
• Collaborate with other cybersecurity professionals, including CDW’s Cybersecurity Services team to scale threat hunting outcomes and insights.

Threat Research and Reporting

• Conduct in-depth research and analysis of current and emerging cyber threats, including attack vectors, malware behavior, and procedural tactics, techniques, and procedures.
• Track threat actors group profiles, trends, and tradecraft.
• Develop high-quality threat insights that are relevant and actionable for CDW’s global security operations centers.
• Produce detailed threat analysis reports, threat briefs, and other publications that provide insights into the latest cyber threats and attack analytics.
• Collaborate with CDW’s Cybersecurity Services team to publish public threat reports, including themes, trends, and threat actor profiles.

Education and/or Experience Qualifications 

• Bachelor’s Degree
• 10 years of experience

Required Qualifications  

Who you are:

• You thrive on making an impact—for your team, your company, and the industry
• You are extremely hands-on with a passion for technology
• You do not accept the status-quo, and always strive to improve
• You are eager to learn and seek professional development continuously
• You are resourceful, open-minded, analytical and enjoy solving complex problems
• You are diligent and self-motivated

What we are looking for:

• Strong understanding of advanced threat hunting techniques, including the use of EDR tools, network traffic analysis, and other techniques.
• Experience with threat intelligence platforms, SIEM, and other cybersecurity tools and technologies
• Strong analytical and problem-solving skills, with the ability to think strategically and creatively.
• Excellent written and verbal communication skills