Security Systems Specialist

Bring your IT career and talents to CDW, where you can have a greater impact, be inspired by our mission, and excited about your career and future. A Fortune 200 leader, we’re the driven professionals and technology experts companies turn to most to solve their IT challenges.

Technology never sleeps and neither do we. At CDW, we’re always on, forever vigilant, and information security is infused in our DNA. Our System Specialist – Security career puts you on the front-line of defense, the cutting-edge of innovation and plays a crucial role within the CDW Security Operations Center. The System Specialist – Security will be responsible for the management of SIEM technologies and should have a solid understanding and working experience with LogRhythm, Microsoft Sentinel, and/or Splunk and Extended Detection and Response (XDR) platforms.

You will work closely with the customer and CDW operations team and will be responsible for onboarding customers, creating various security use-cases and dashboards, and providing expert advice on how the security of customers’ environment can be improved by using various features and capabilities of enterprise SIEM platforms. As a System Specialist - Security, you will also be working internally with the Security Operations Center team to improve security operation and monitoring as it relates to services offered via SIEM, SOAR, and XDR.

What you will do:

• Providing expert guidance regarding the implementation of advance security use cases and correlation rules for the SIEM environment.
• Installation (scripted), operation, and troubleshooting of LogRhythm and other SIEM deployments as well as management of LogRhythm knowledge objects (AIE Rules, Alerts, Dashboards, Playbooks, Report Packages, etc.)
• Researching, analyzing, and understanding common and complex log sources and their data ingestion and connector requirements.
• Creating detailed reports, queries, dashboards, and visualizations that support customer requirements and monitoring of the SIEM deployment.
• Responsible for working with stakeholders to troubleshoot issues with LogRhythm and other SIEM deployments.
• Coordinating and conducting event collection, log management, event management, and compliance automation.
• Developing analytic rules to support alerting and response capabilities for CDW SOC services.
• Supporting platform problem, change, and incident on an 8x5 basis in addition to the daily tuning of false positives from the L2 and L3 incident response teams.
• Overseeing daily monitoring of security reports & assisting the incident response team in investigating alerts along with opportunities to automate and tune response activities.
• Document and create process improvements as needed when gaps are/have been identified.
• Lead and coordinate onboarding of new LogRhythm and other SIEM customers into the SOC.
• Conduct proof of concepts, vendor comparisons, and recommend solutions in line with business requirements.
• Act as a subject matter expert (SME) while providing leadership, guidance, and mentorship to other team members.

What we expect of you:

Must-have:

• Degree in Engineering, Computer Science, Science, or a related field, or demonstrated equivalent combination of education and experience.
• Sound knowledge of LogRhythm and/or comparable SIEM technologies and XDR platforms including Microsoft Defender, CrowdStrike, and Cortex XDR.
• 2+ years of experience working with LogRhythm and/or comparable SIEM technologies.
• 2+ years of experience working with XDR platforms including Microsoft Defender, CrowdStrike, and Cortex XDR.
• Ability to remain calm in a fast-paced work environment and to demonstrate thoughtful leadership in assessing problems/opportunities and recommending an approach to solving problems and pursuing opportunities.

Nice-to-have:

• Industry certification such as CISSP, CEH, OSCP, PNPT, GSEC, CISM, CISA, etc., or other related security certifications.
• Understanding and ability to speak to security frameworks (NIST, ISO27001), security compliance (PCI, SOC I, SOC II), and ITIL frameworks.
• Able to obtain and maintain Canadian Security Clearance.

Salary range: $74,500 - $95,460

Who we are:
CDW is a leading technology solutions provider to business, government, education, and healthcare organizations across the globe. Our fingerprints can be found on technology in workplaces of more than 250,000 companies; from fresh-faced start-ups to international conglomerates. With the breadth of products and services we offer, there is no request too big or too small.

What you can expect from us: Culture, coworkers, careers.
CDW is not only the People Who Get IT but the People who get People. Our relationships are fueled by our deep expertise and grounded in the CDW Way. Our empowering leadership makes things happen and inspires their teams to do the same. From the teammates beside us to the leaders who guide us, we move forward together. At CDW, you’ll work with people who inspire you. People with positive, success-driven attitudes who you will learn from and forge strong relationships with. Bring your best true self—and your best ideas—to CDW. Because diverse perspectives bring forth better problem solving—and better solutions for our customers on a rapidly evolving technology landscape.

CDW Canada Corp., and its subsidiaries, is an equal opportunity employer and maintains a policy of non-discrimination towards all employees and applicants for employment in all aspects of employment. CDW does not discriminate against any employee or applicant because of citizenship, race, colour, religion, sex, sexual orientation, age, place of origin, disability, marital or family status, or as otherwise prohibited by law.

CDW is committed to employment equity and to providing accessibility in our employment practices to qualified candidates with disabilities. Requests for accommodation can be made at any stage of the recruitment process by emailing our Canada Talent Acquisition Helpdesk.