Description

At CDW, we make it happen, together. Trust, connection, and commitment are at the heart of how we work together to deliver for our customers. It's why we're coworkers, not just employees. Coworkers who genuinely believe in supporting our customers and one another. We collectively forge our path forward with a level of commitment that speaks to who we are and where we're headed. We're proud to share our story and Make Amazing Happen at CDW.

Job Summary

Join CDW and help protect delivery of full stack technology solutions and global services for 250K+ customers, including corporate enterprise, government, education, and healthcare industries. You will be on a team dedicated to collaborative delivery of a new global information security strategy, operating model, and objectives to accelerate CDW's business goals in a secure way.

What you will do:

The Principal of Threat Detection & Cyber Security Operations is a senior technical leader responsible for driving the strategic and operational excellence of Threat Detection & Response within the Global Information Security organization. This role leads Tier 1, 2, and 3 incident responders, develops advanced threat detection capabilities, and spearheads enterprise-wide threat hunting and risk mitigation efforts. The ideal candidate combines deep technical expertise with strong leadership and analytical skills to protect the organization from evolving cyber threats.

Key Areas of Responsibilities

Leadership, Strategy & Communication
- Lead and mentor Tier 1, 2, and 3 incident response team members, fostering technical excellence and continuous improvement.
- Define and drive the strategic direction of threat detection and response capabilities across Global Information Security organization, including the adoption of generative and agentic AI to enhance operational efficiency and decision-making.
- Collaborate with senior leadership to align security operations with business objectives and risk posture.
- Serve as a technical liaison between Cyber Security Incident Response and other teams (e.g., threat intelligence, vulnerability management, IT operations).
- Communicate effectively with stakeholders at all levels, translating technical findings into business impact.
- Represent the Cyber Security Incident Responders in internal and external audits, tabletop exercises, and compliance assessments.
Threat Detection & Response
- Architect and optimize detection engineering processes, including rule creation, tuning, and validation across SIEM, EDR, and other telemetry sources.
- Oversee the development and deployment of advanced threat detection use cases using behavioral analytics, threat intelligence, machine learning, and generative AI to automate and enrich detection logic and alert triage.
- Lead complex incident investigations and coordinate cross-functional response efforts during major security events.
- Establish and maintain playbooks, runbooks, and escalation procedures for incident response across all tiers.
- Ensure consistent and high-quality triage, analysis, and remediation of security alerts and incidents.
Advanced Threat Hunting Responsibilities
- Lead enterprise-wide threat hunting initiatives to proactively detect hidden or emerging threats, leveraging agentic AI to autonomously generate hypotheses, correlate data, and surface novel threat patterns.
- Develop hypotheses-driven hunts using threat intelligence, behavioral analytics, and MITRE ATT&CK mapping.
- Analyze telemetry from endpoints, networks, cloud, and identity systems to uncover anomalous activity.
- Identify visibility gaps and recommend improvements to logging and data collection.
- Document findings and collaborate with Threat Detection and Response team to enhance detection and response capabilities.
- Mentor responders in threat hunting techniques and investigative workflows.
Data Analysis & Risk Mitigation
- Analyze security telemetry and incident data to identify trends, root causes, and systemic risks.
- Translate complex data into actionable insights for improving detection, response, and prevention strategies, incorporating generative AI to synthesize telemetry and incident data into predictive risk models and automated reporting.
- Collaborate with risk management and compliance teams to align threat detection with enterprise risk frameworks.
- Recommend and implement controls to mitigate identified risks and reduce attack surface.
- Continuously assess and refine detection logic based on data-driven feedback and evolving threat landscape.
What we expect of you:
- Bachelor's degree and 10 years of advanced threat hunting methodologies, including the use of EDR tools and comprehensive network traffic analysis, OR
- 14 years of advanced threat hunting methodologies, including the use of EDR tools and comprehensive network traffic analysis.
- Demonstrated experience in the design and implementation of cybersecurity platforms, with practical application of CI/CD tools and methodologies to improve development efficiency and reliability.
- Advanced skills in threat intelligence platforms, Security Information and Event Management (SIEM) systems, and various cybersecurity technologies such as Microsoft Defender, CrowdStrike XDR, Palo Alto XSOAR/XSIAM, Microsoft Sentinel, Microsoft Azure Active Directory, and Splunk Enterprise Security.
- Strong analytical and problem-solving capabilities paired with strategic and creative thinking.
- Possession of current, relevant cybersecurity certifications is highly desirable (e.g., GIAC Incident Handler [GCIH], GIAC Certified Forensic Analyst [GCFA], Microsoft Azure).
- Comprehensive understanding of the MITRE ATT&CK framework and related methodologies.
- Proven track record of success in dynamic and innovative work environments.
- Adaptability to evolving situations and new challenges.
- Exceptional written and verbal communication skills.
- Demonstrated experience driving cross-functional impact across team, organizational, or industry-level initiatives.
- Proven hands-on experience applying technical skills in real-world scenarios, including system implementation, troubleshooting, and optimization.
- Demonstrated history of leading or contributing to process improvement initiatives that resulted in measurable efficiency or performance gains.
- Documented participation in professional development activities such as certifications, workshops, or continuing education programs.
We make technology work so people can do great things. CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada. A Fortune 500 company and member of the S&P 500 Index, CDW helps its customers to navigate an increasingly complex IT market and maximize return on their technology investments. Together, we unite. Together, we win. Together, we thrive. CDW is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by state and local law.