
Senior Threat Hunter (IL / CA / TX)

Naperville, IL, US, 60169

72183

Power the Possibilities
The CDK Global technology team is looking for collaborative innovators who are passionate about making their mark on emerging enterprise software products. We’re building and developing cloud technology for the automotive retail industry that will change the landscape for automotive dealers, original equipment manufacturers (OEMs) and the customers they serve.

Be Part of Something Bigger
Each year, more than three percent of the U.S. gross domestic product (GDP) is attributed to the auto industry, which flows through our customer, the auto dealer. It’s time you joined an evolving marketplace where research and development investment is measured in the tens of billions. It’s time you were a part of something bigger.

We’re expanding our workforce – engineers, architects, developers and more – onboarding early adopters who can optimize, pivot and keep pace with ever-evolving development roadmaps and applications.

Join Our Team
Growth potential, flexibility and material impact on the success and quality of a next-gen, enterprise software product make CDK an excellent choice for those who thrive in challenging, fast-paced engineering environments.
The possibilities for impact are endless. We have exceptional opportunities to evolve our industry by driving change through new technology.


If you’re ready for high-impact, you’re ready for CDK.


Senior Threat Hunter (Position can be based out of San Jose / Hoffman Estates / Austin)


We are seeking an experienced Threat Hunter to perform intelligence-driven network defense in support of our monitoring and incident response capabilities. The role involves analysis of large volumes of data from vendor and internal sources, including indicator feeds, Splunk, and a number of threat intelligence tools. The candidate will perform threat hunting, serve as the Threat Services liaison for the Global Security Operations Center, and mentor the incident handling and forensics teams.

Primary Responsibilities:

  • Proactively hunt for anomalies and subtle indicators of compromise in the environment
  • Develop use cases and actionable detection content for threats that existing alerting in the environment does not currently cover
  • Provide custom tool design to assist in analysis and investigations
  • Implement integration/orchestration of existing security infrastructure and indicators
  • Design and run custom analysis models on (centralized) security event information to discover active threats
  • Perform as an Information Security SME in the following areas:
      ◦ Threat Intelligence
      ◦ Incident Response
      ◦ Log analysis (statistical modeling, correlation, pattern recognition, etc.)
      ◦ Microsoft platform (Server, workstation, applications)
      ◦ Open Systems platforms (Linux, UNIX, VMware ESX)
      ◦ Web Applications
      ◦ Networking (firewalls, IDS/IPS, packet capture)
      ◦ Databases (Oracle, SQL Server, DB2, IMS)
      ◦ SIEM
      ◦ Reverse Engineering / Malware analysis
  • Collaborate with and support teammates regarding threat hunting techniques, threat intelligence, security processes/protocols
  • Build rapport with other divisions and various levels of leadership, display technical expertise, and enhance career development of peers
  • Identify needs, drive solutions, and provide guidance autonomously

Job Qualifications:

  • Bachelor’s and/or Master’s degree in Engineering, Computer Science, or a related field, or equivalent experience
  • 7+ years overall technical experience in threat hunting, threat intelligence, incident response, security operations, or related information security field
  • 5+ years’ experience in app design/engineering, including but not limited to programming/scripting, Windows/Linux system admin, RDBMS/NoSQL database admin, etc.
  • 3+ years’ experience in penetration testing, ethical hacking, exploit writing, and/or vulnerability management
  • Deep understanding of common network and application stack protocols, including but not limited to TCP/IP, SMTP, DNS, TLS, XML, HTTP, etc.
  • Strong and recent experience with malware analysis and reverse engineering
  • Advanced experience with security operations tools, including but not limited to: SIEM (e.g. Splunk, ArcSight), Network Analysis (e.g. NetWitness, Palo Alto), EDR solutions (e.g. CrowdStrike, Tanium)
  • Broad experience with various common security infrastructure tools (NIDS, HIPS, EDR, etc.)
  • Excellent analytical and problem-solving skills, a passion for research and puzzle-solving
  • Expert understanding of large, complex corporate network environments
  • Scripting and programming experience related to system administration and security operations (Python, Bash, PowerShell, Perl, C/C++)
  • Strong communication (oral, written, presentation), interpersonal and consultative skills, especially in regard to white papers, briefs, and presentations
  • Good organization and documentation skills
  • Leadership and mentorship skills


CDK Global knows you have passions outside of work. You have family, friends, sporting events, and lots of things going on. That’s why we offer a comprehensive benefits package to take care of not only you but your family as well. All of our benefits are effective the first day of employment, including 401(k) matching, paid time off to re-energize, paid time to volunteer in your community, and tuition reimbursement, to name a few.

At CDK, we pride ourselves on having a diverse workforce. We value and celebrate the uniqueness of individuals and the different perspectives they provide. We offer equal opportunity employment regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, marital status, or protected veteran status.
