Cybersecurity Analyst

Job Summary

Career Opportunities at CDW

Career Opportunities at CDW

Job Summary

CDW is a leading technology solutions provider to business, government, education and healthcare organizations across the globe. Our fingerprints can be found on technology in workplaces of more than 250,000 companies; from fresh-faced start-ups to international conglomerates. With the breadth of products and services we offer, there is no request too big or too small. We are seeking a highly skilled and motivated individual to join our team as a Cybersecurity Analyst. This role will be part of our Managed Security Services team, providing 24/7 support to our clients. The successful candidate will have a strong background in EDR, XDR, SIEM tools, and scripting languages such as Bash, PowerShell, or Python. They will also have experience in navigating Windows and Linux file systems via the Command line or using PowerShell. The ideal candidate will have a solid understanding of Windows, Linux, and/or Mac process internals, structure, and/or information. They will be responsible for performing in-depth investigations of security incidents, writing incident reports, and providing recommendations to clients. The candidate will also be required to work collaboratively with other teammates, take ownership of issues, and drive them towards a resolution. The successful candidate will have a good understanding of IT infrastructure systems, cybersecurity fundamentals, vulnerability management fundamentals, endpoint and server administrations, network routing and switching, network traffic analysis and administration. They will also have the ability to acquire technical skills and certifications required to effectively execute the role, develop familiarity with industry or specialty products/services, and apply the knowledge gained through training. The ideal candidate will have good troubleshooting and problem-solving skills, possess an innate curiosity and critical thinking mindset, and be able to establish positive working relationships and contribute to team objectives in a consulting environment. They will also have good verbal, written communication skills and the confidence to engage clients effectively. The successful candidate will be required to work other shifts including weekends, holidays, and overtime to provide the required coverage. We offer a competitive salary and benefits package, as well as opportunities for professional development and career growth. If you are a motivated and experienced individual looking for a new challenge, please submit your application. We look forward to hearing from you.

Key Responsibilities

• Monitor, analyze, and triage cyber security alerts on the EDR/XDR tool by applying industry accepted analytics techniques and cyber security frameworks such as Kill Chain and MITRE ATT&CK.
• Take ownership of in-scope cyber incident investigations.
• Create, manage, and follow up on service tickets.
• Monitor and manage request and incident queues and provide response and resolution within Service Level Agreement and Service Level Objective.
• Follow defined processes for incident response.
• Correlate event details within the incident timeline to identify malicious activities leveraging EDR/XDR tool.
• Carry out extended searches for leveraging the SIEM platform to provide in-depth investigation and identify full attack path where applicable.
• Design, create, and update documentation as directed.
• Research and analyze threat intelligence and indicators of compromise (IOC) for applicability during incident investigation.
• Review alerts, decipher false positives, and follow through on incident investigations.
• Initiate response actions via the EDR or XDR tool for incident remedial action.
• Evaluate risk of security alerts and make appropriate recommendations to mitigate evaluated risks.
• Update service tickets and cases with investigation evidence.
• Apply Trusted Advisor techniques to build up client trust and influence loyalty.
• Carry out rapid IOC searches based on given IOC obtained from threat intelligence feeds across clients' endpoint/extended detection and response platforms.
• Open technical support cases with respective vendors where applicable.
• Escalate issues encountered during the shift to the Manager.

Requirements

• Bachelor's degree (B.A./B.S.) or 3-year diploma in Engineering, Computer Science, or Technology related field.
• At least 1 year of work experience in supporting information technology/systems.
• At least one (1) technical certification in the technologies for which Sirius offers Managed Security Services. These may include, but are not limited to: QRadar, LogRhythm, Exabeam, or similar technology.
• Any of these security focused certifications: Comptia Security +, Comptia CYSA, SANS: GCIA, GCIH, CEH.

Preferred Qualifications

• Previous experience working in a Security Operations Centre (SOC) environment or similar environment.

What We Offer

CDW is a leading technology solutions provider to business, government, education and healthcare organizations across the globe. Our fingerprints can be found on technology in workplaces of more than 250,000 companies; from fresh-faced start-ups to international conglomerates. With the breadth of products and services we offer, there is no request too big or too small. We offer a competitive salary and benefits package, as well as opportunities for professional development and career growth. If you are a motivated and experienced individual looking for a new challenge, please submit your application. We look forward to hearing from you.