Principal, Threat Intelligence Operations
Join CDW and help protect delivery of full stack technology solutions and global services for 250K+ customers—including corporate enterprise, government, education, and healthcare industries. You will be on a team dedicated to collaborative delivery of a new global information security strategy, operating model, and objectives to accelerate CDW’s business goals in a secure way.
Your role at CDW is of the utmost importance to the company’s mission, objectives, and reputation. As a Principal of Threat Intelligence Operations, you will play a pivotal role in identifying and analyzing cyber threat tactics, techniques, and procedures—ensuring proactive detection capabilities to aid the global threat detection and response mission. Your responsibilities include four parts:
Key Areas of Responsibilities
Threat Intelligence Research
- Lead the development of an analytical framework for performing threat intelligence analysis.
- Develop methodologies to leverage paid subscriptions and open-source resources to conduct in-depth research and analysis of current and emerging cyber threats, including attack vectors, malware behavior, and tactics, techniques, and procedures.
- Develop and maintain Diamond Model and Kill Chain models to track threat actor group profiles, trends, and tradecraft.
- Develop high-quality threat insights that are relevant and actionable for CDW’s global security operations centers.
Threat Intelligence Content Development
- Lead the development of methodologies to identify and report indicators of compromise (IOCs).
- Develop and maintain a proactive approach to publishing IOCs for proactive countermeasures.
- Collaborate with coworkers and teams to deploy cybersecurity countermeasures during cybersecurity events and incidents.
- Perform after-action analysis to identify opportunities to improve IOC identification and content development.
- Collaborate with coworkers during events or incidents to identify IOCs to pivot from and potentially identify additional IOCs.
- Provide technical guidance and mentorship to junior team members.
Threat Intelligence Reporting
- Produce detailed threat analysis reports, threat briefs, and other publications that provide insights into the latest cyber threats and attack analytics.
- Collaborate with CDW’s Cybersecurity Services team to publish public threat reports, including themes, trends, and threat actor profiles.
- Draft Threat Intelligence Advisories to advise coworkers and other key stakeholders of threat actors' tactics, techniques, and procedures (TTPs).
- Lead the development of threat intelligence metrics to measure changes in threat actor activities, IOCs identified, and content produced.
- Develop and monitor metrics and key performance indicators to measure the effectiveness of the threat detection program.
Education and/or Experience Qualifications
- Bachelor’s Degree
- 10 years of experience
Who you are:
- You thrive on making an impact—for your team, your company, and the industry.
- You are extremely hands-on with a passion for technology.
- You do not accept the status-quo, and always strive to improve.
- You are eager to learn and seek professional development continuously.
- You are resourceful, open-minded, analytical and enjoy solving complex problems.
- You are diligent and self-motivated.
What we are looking for:
- Strong understanding of cybersecurity adversary TTPs.
- Experience with threat intelligence platforms such as Recorded Future, Intel 471, DomainTools, CrowdStrike, etc.
- Strong analytical and problem-solving skills, with the ability to think strategically and creatively.
- Experience with the MITRE ATT&CK framework and techniques.
- Excellent written and verbal communication skills.