Sr. Security Engineer SecOps

Position Title: Security Operations Analyst 

Reports To: Director of Security Operations 

Security Operations Analyst is a technical subject matter expert responsible for the execution of CDK’s Security Monitoring and Response strategy. This individual plays a key technical role in our Security Operations organization and enables efficient and effective incident response. 

Key Responsibilities: 

1. Technical Leadership: 

• Exemplify security principles and culture 

• Develop playbooks, standards, and procedures that enable CDK security operations strategy 

• Effectively partner across security, technology, and business teams 

• Provide technical leadership to the security operations team 

• Develop effective metrics and use them to drive meaningful improvements  

2. Threat and Incident Detection: 

• Oversee the detection, investigation, and response to security incidents  

• Develop and manage adoption of security monitoring standards and guidelines 

• Contribute to the continuous expansion of CDK’s threat detection capabilities 

3. Incident Response: 

• Develop, exercise, test, and continuously improve the incident response plan 

• Develop incident response playbooks and drive response playbook automation, regularly test playbook effectiveness and drive improvement 

• Lead response to medium or higher criticality impact security incidents in accordance with the incident response plan, and effectively coordinate with internal and external parties 

• Serve as a technical leader for significant security incidents 

• Assure plans/procedures/playbooks coverage for likely security incident scenarios 

• Assure 24x7x365 incident response coverage and escalation processes 

• Regularly update the list of likely security incident scenarios using external threat intelligence, collaboration with internal technology teams, and other data sources 

4. Security Posture Improvement 

• Use offensive security techniques and exercises to identify detection and response gaps and drive remediation 

• Regularly practice incident response plans and procedures in collaboration with internal and external stakeholders 

Required Qualifications: 

Education:  

•  Bachelor’s degree in computer science, information security, or an equivalent experience 

Experience: 

• Minimum of 6 years in cybersecurity, with at least 3 years in a security monitoring and incident response role 

• Strong background in security monitoring, automation, and incident response, preferably in a complex SaaS environment 

• Experience leading the response to enterprise security alerts and incidents 

• Experience building and tuning threat detection content 

• Experience scripting with python, javascript, and powershell 

• Experience with SIEM tools, process automation, cloud environment monitoring, IDS/IPS, firewalls, EDR solutions, MDR/MSSP providers. 

At CDK, we believe inclusion and diversity are essential in inspiring meaningful connections to our people, customers and communities. We are open, curious and encourage different views, so that everyone can be their best selves and make an impact.

CDK is an Equal Opportunity Employer committed to creating an inclusive workforce where everyone is valued. Qualified applicants will receive consideration for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, creed or religion, age, disability (including pregnancy), results of genetic testing, service in the military, veteran status or any other category protected by law.

Applicants for employment in the US must be authorized to work in the US.  CDK may offer employer visa sponsorship to applicants.