
Senior Incident Response Analyst - Hoffman


Date: May 2, 2019

Location: Hoffman Estates, IL, US, 60169

Company: CDK

Job Description

Accelerate Your Career

Drive global technology

 

With more than $2 billion in revenues, CDK Global is a leading global provider of integrated information technology and digital marketing solutions to the automotive retail and adjacent industries. Focused on enabling end-to-end automotive commerce, CDK provides solutions to dealers in more than 100 countries around the world, serving approximately 28,000 retail locations and most automotive manufacturers.   CDK Global solutions automate and integrate critical processes from pre-sale targeted advertising to the sale, financing, insurance, parts supply, repair and maintenance of vehicles, with an increasing focus on utilizing data analytics and predictive intelligence.   

 

We’re large enough to make a difference but small enough for your voice to be heard. This means that we are an organization where every person matters. You can make an impact on the success of our business and that of our customers regardless of what career you decide to pursue.

 

From data scientists to sales and client service experts, we’re hiring to support your growth and ours - Green light your career.  

The Senior Cyber Security Incident Response Analyst is an integral part of CDK’s Global Cyber Security Incident Response team (CSIRT) which has a global presence in Asia, Europe, and the United States. This position is responsible for mentoring junior Incident Response Analysts as well as monitoring all security-related events generated, tracked, correlated, and alerted on by the Security Information and Event Management (SIEM) system.


This position is in Hoffman Estates, IL.

Key Duties & Responsibilities

  • Monitor SIEM dashboard for detections of potentially malicious activity/events.
  • Perform validation analysis on SIEM-generated alerts to ensure alerts are actionable.
  • Determine the potential and actual impact of the event.
  • Engage with additional members of the CSIRT and execute the incident response process (this may include capturing and analyzing network packets, performing host- and network-based forensic investigations, creating a timeline of the events, performing behavior-based malware analysis, etc.).
  • Coordinate additional incident response activities (escalations, notifications, conference calls, etc.); work with internal stakeholders and external managed services to find, isolate, and remediate threats on the CDK Global network.
  • Research, evaluate, and assess emerging threats, incidents, and vulnerabilities.
  • Mentor other Incident Response team members.

Preferred Skills / Knowledge & Experience

  • 4+ years of experience in a similar position where the candidate engaged in security monitoring and Incident Response analysis, event investigation, correlation, and escalation.
  • Bachelor’s Degree in Cyber Security, Network Security, Information Security, Computer Systems Engineering, Computer Science, Computer Information Systems or equivalent from a regionally accredited institution of higher learning.
  • Specialized experience and training in Information Security, Computer Systems Engineering, or Network Engineering.
  • Experience and ability to read, understand, and correlate network firewall logs, webserver logs, authentication logs, endpoint event logs, intrusion prevention/detection logs.
  • Ability to write interpreted language scripts such as Python for log analysis and automation.
  • Other necessary skills include Windows, knowledge of Linux, understanding and experience with Internet technologies and concepts, such as: TCP/IP, DNS, HTTP, FTP, SMTP, SSL, PKI, firewalls, load balancers, intrusion detection/prevention, anti-virus, application security, policy development, risk assessments, encryption, and website monitoring.

 

Candidate must possess good analytical, technical, problem-solving, and organizational skills. Candidate must also be able to adjust quickly to shifting priorities while making quick independent decisions with limited information, which support the goals of CSIRT and CDK Global.

 

CDK Global knows you have passions outside of work.  You have family, friends, sporting events, and lots of things going on.   That’s why we offer a comprehensive benefits package to not only take care of you but your family as well.   All of our benefits are effective the first day of employment including 401K matching, paid time off to re-energize, donate your time to volunteer in your community, and tuition reimbursement to name a few.

At CDK, we pride ourselves on having a diverse workforce. We value and celebrate the uniqueness of individuals and the different perspectives they provide. We offer equal opportunity employment regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, marital status, or protected veteran status.  


Nearest Major Market: Chicago

Job Segment: Outside Sales, Information Systems, Supply, Computer Science, Linux, Sales, Technology, Operations
