CDW Corporation is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada. A Fortune 500 company and member of the S&P 500 Index, CDW helps its customers to navigate an increasingly complex IT market and maximize return on their technology investments. For more information about CDW, please visit www.CDW.com. Our broad array of products and services range from hardware and software to integrated IT solutions such as security, cloud, hybrid infrastructure and digital experience.

Senior Security Engineer I, Hunt & Incident Response

Security EngineerSecurity EngineerFull TimeRemoteTeam 10,001+Since 1984H1B SponsorCompany Site LinkedIn

Location

United States

Posted

48 days ago

Salary

$82K - $114.8K / year

Bachelor Degree5 yrs expExperience acceptedEnglishAzureCyber SecurityDNSFirewallsSplunk

Job Description

• Conduct comprehensive alert investigations by correlating data from multiple sources, including SIEM, EDR, firewalls, DNS, and identity logs. • Independently assess potential incidents applying advanced analytical judgement. • Implement containment measures through EDR and network controls, mitigate lateral movement risks, and provide comprehensive support across all phases of the NIST IR lifecycle with limited supervision. • Ensure comprehensive documentation, accurate timelines, and clear communication are delivered to leadership, Tier 3 personnel, and cross-functional stakeholders during incident management. • Utilize threat intelligence to enhance the context of investigations and increase the accuracy of detection. • Oversee CSOC escalations throughout the shift, mentor Tier 1 analysts, and facilitate effective handoffs during shift transitions.

Job Requirements

Bachelor’s degree and 5 years of Threat Detection and Incident Response experience, OR 9 years of IT experience, of which 5 years should be in Threat Detection and Incident Response.
Demonstrated experience with threat intelligence platforms, SIEM, and other cybersecurity tools and technologies such as the following: Microsoft Defender, CrowdStrike XDR, Palo Alto XSIAM, Microsoft Sentinel, Microsoft Azure Active Directory, Splunk.
Demonstrated experience and understanding of threat hunting techniques, including the use of EDR tools, network traffic analysis, and other techniques.
Experience with the MITRE ATT&CK framework and techniques.
Excellent verbal and written communication skills, with the ability to effectively interact with all coworkers and stakeholders.
Strong analytical and problem-solving skills, with the ability to think strategically and creatively.
Ability to prioritize work and handle multiple tasks simultaneously in a fast-paced, diverse, and growth-oriented environment.
Current and relevant cybersecurity certifications such as the following are a plus: GIAC Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), Microsoft Azure.