Help increase the GDP of the internet.
Security Engineer - Offensive Security
Location
Ireland
Posted
44 days ago
Salary
0
Seniority
Mid Level
Job Description
Security Engineer - Offensive Security
Stripe
Role Description

As an Offensive Security Engineer on the Proactive Threat team, you will simulate the tactics, techniques, and procedures (TTPs) of real-world adversaries to uncover security risks across Stripe's products and infrastructure. You'll conduct hands-on penetration testing, lead red team engagements, and collaborate with blue team counterparts to validate and improve detection and response capabilities. Your work will directly influence how Stripe builds, ships, and secures financial infrastructure used by millions of businesses worldwide.

Beyond assessments, you'll design and build offensive tooling and automation that amplifies the team's impact. You'll leverage threat intelligence to prioritize testing efforts, contribute to incident investigations when needed, and act as a subject-matter expert for security initiatives across the company.

Responsibilities

- Conduct comprehensive penetration tests across web applications, APIs, cloud environments (AWS/GCP/Azure), mobile applications, and internal infrastructure.
- Plan and execute red team engagements that emulate the TTPs of cyber and criminal threat actors targeting financial services, including initial access, lateral movement, persistence, and data exfiltration scenarios.
- Perform assumed-breach and objective-based assessments to test detection and response capabilities in coordination with defensive teams.
- Partner with detection engineering, threat intelligence, and incident response teams to validate security controls, identify coverage gaps, and improve detection fidelity.
- Contribute adversary tradecraft insights to inform detection rule development, threat hunting hypotheses, and incident response playbooks.
- Support incident investigations by providing offensive expertise, log analysis, and root cause analysis when required.
- Design, develop, and maintain custom offensive tools, scripts, and automation frameworks to enhance assessment efficiency and coverage.
- Build internal platforms and workflows that enable scalable, repeatable offensive operations.
- Contribute to internal security tooling repositories and champion engineering best practices within the team.
- Automate repetitive testing tasks, payload generation, and reporting workflows using modern development practices.
- Produce clear, actionable reports that communicate technical findings, business risk, and remediation guidance to both technical and non-technical stakeholders.
- Act as a subject-matter expert and primary point of contact for stakeholder teams engaged in offensive security programs and Stripe-wide security initiatives.
- Lead offensive security projects end-to-end, mentor junior team members, and foster a culture of continuous learning and knowledge sharing.
- Stay current with emerging threats, vulnerabilities, and attack techniques; share research internally and contribute to the broader security community.

Qualifications

- 5+ years of experience in offensive security, penetration testing, red teaming, or a related field.
- Strong programming skills in Python, Go, or similar languages, with demonstrated experience building tools, automation, or custom exploits.
- Deep knowledge of web application security, including OWASP Top 10, ASVS, and common vulnerability classes (injection, auth flaws, business logic, etc.).
- Hands-on experience with cloud platforms (AWS, Azure, or GCP), including cloud-native attack techniques and misconfigurations.
- Proficiency with offensive tooling such as Burp Suite, Cobalt Strike, Mythic, Sliver, BloodHound, or similar frameworks.
- Familiarity with adversary tradecraft and frameworks such as MITRE ATT&CK, including TTPs for initial access, privilege escalation, lateral movement, and exfiltration.
- Excellent written and verbal communication skills, with the ability to translate complex technical findings into clear, risk-based recommendations.
- Ability to think like an adversary — creative, persistent, and able to holistically assess risk in complex environments.

Preferred Qualifications

- Experience conducting offensive security in fintech, financial services, or other highly regulated environments.
- Background in vulnerability research, exploit development, or CVE discovery.
- Experience collaborating with threat intelligence, detection engineering, or incident response teams (purple team operations).
- Familiarity with big data and log analysis tools (Splunk, Databricks, PySpark, osquery, etc.) for threat hunting or investigative support.
- Proficiency with AI/LLM-assisted development tools (e.g., Claude Code, Cursor, GitHub Copilot) and experience applying them to offensive security workflows.
- Interest or experience in agentic automation — using LLMs or autonomous agents to augment reconnaissance, vulnerability discovery, or exploitation workflows.
- Experience testing AI/ML systems or LLM-based applications for security weaknesses (prompt injection, training data extraction, model manipulation, etc.).
- Contributions to open-source security tools, published research, blog posts, or conference presentations.
- Relevant certifications such as OSCP, OSWE, OSEP, OSED, CRTO, CPTS, PNPT, GXPN, or cloud security certifications.
More Security Engineer Jobs
Role Description

You will design, build, and maintain detections that identify malicious activity across Stripe's infrastructure, applications, and cloud environments. You'll leverage your understanding of attacker TTPs — from initial access through exfiltration — to develop detection logic that catches real threats while minimizing noise. Beyond writing detections, you'll conduct threat hunts, perform malware analysis, and build automation that enables detection engineering at scale.

Responsibilities

- Design, build, and tune high-fidelity detections across modern SIEM platforms, covering adversary TTPs across the full attack lifecycle.
- Develop detection hypotheses by researching TTPs, identifying evidence sources, and determining detection opportunities across available telemetry.
- Conduct hypothesis-driven threat hunts to identify malicious activity, uncover detection gaps, and validate security controls.
- Perform malware analysis and reverse engineering to extract indicators and inform detection strategies.
- Build network-based detections (flow, pcap, protocol analysis) and endpoint-based detections (event logs, EDR telemetry, memory/file artifacts) across Windows, Linux, and macOS.
- Partner with Threat Intelligence to operationalize intel reports into detections, hunting leads, and enrichment logic.
- Collaborate with IR, SOC, and offensive security teams to validate and refine detections based on real-world incidents and red team exercises.
- Build data pipelines, automation, and tooling that enable detection-as-code practices and scalable deployment.
- Map detection coverage to MITRE ATT&CK, identifying and prioritizing gaps across key attack surfaces.
- Lead projects, mentor teammates, and champion quality standards within the team.

Qualifications

- 5+ years of experience in detection engineering, threat hunting, or security operations.
- Demonstrated experience writing detection logic in modern SIEM platforms (e.g., Splunk, Chronicle, Elastic, CrowdStrike NG-SIEM, Panther, Microsoft Sentinel).
- Strong understanding of adversary tradecraft across the attack lifecycle: initial access, privilege escalation, lateral movement, defense evasion, persistence, and exfiltration.
- Ability to extract TTPs from threat intelligence reports and translate them into detection opportunities.
- Experience developing network-based and endpoint-based detections across multiple OS platforms (Windows, Linux, macOS).
- Experience analyzing telemetry across endpoint, network, cloud (AWS/GCP/Azure), identity, and application log sources.
- Proficiency in detection/query languages (SPL, KQL, EQL, YARA-L, SQL) and programming (Python or similar).
- Strong communication skills with the ability to document detection logic and explain findings to technical and non-technical audiences.
- Adversarial mindset — understanding how attackers operate to build detections that catch real-world threats.

Preferred Qualifications

- Experience in detection engineering or threat hunting within fintech, financial services, or highly regulated environments.
- Background in malware analysis, reverse engineering, or threat research.
- Experience with purple team operations — collaborating with offensive security to validate detections.
- Familiarity with big data platforms (Databricks, Trino, PySpark) for large-scale log analysis.
- Proficiency with AI/LLM-assisted development tools (Claude Code, Cursor, GitHub Copilot) applied to detection workflows.
- Interest in agentic automation — using LLMs to augment hunting, tuning, or triage.
- Experience with detection validation tools (Atomic Red Team, ATT&CK Evaluations).
- Contributions to open-source detection content, research, or conference presentations.
- Relevant certifications such as HTB CDSA, GCIH, GCFA, GNFA, OSCP, TCM PMAT, or GREM.
Principal Solutions Executive I - Security
CDW
CDW Corporation is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada. A Fortune 500 company and member of the S&P 500 Index, CDW helps its customers to navigate an increasingly complex IT market and maximize return on their technology investments. For more information about CDW, please visit www.CDW.com. Our broad array of products and services range from hardware and software to integrated IT solutions such as security, cloud, hybrid infrastructure and digital experience.

At CDW, we make it happen, together. Trust, connection, and commitment are at the heart of how we work together to deliver for our customers. It’s why we’re coworkers, not just employees. Coworkers who genuinely believe in supporting our customers and one another. We collectively forge our path forward with a level of commitment that speaks to who we are and where we’re headed. We’re proud to share our story and Make Amazing Happen at CDW.

Job Summary

CDW Security is the business unit within CDW, Inc. built to help customers feel confident as they address security challenges and strive for impactful business outcomes. We maintain industry-leading expertise in the areas of strategy, risk, compliance, identity and access management, data privacy, secure infrastructure, and workforce development, to name a few. The products and services related to this expertise provide CDW clients everything needed to develop and mature effective security programs.

As part of the Security Solutions Executive team, you will be responsible for selling security services and products. The Security Solutions Executive is expected to enhance CDW Security’s presence, market share, and revenue growth in the cybersecurity market. Specifically, you will support the sales team with full sales lifecycle management through strategic account planning, research, opportunity management, relationship-building, partnering with services teams and OEM vendors, pursuit, and closure.

Your skilled experience will enable you to quickly embrace CDW Security’s integrated sales approach, demonstrating the ability to open and manage opportunities related to:

- Identity and Access Management, Security Program Development, Privacy, Risk and Compliance, Third-Party Risk Management, Threat and Vulnerability Management, Cyber Workforce Development, Cloud Security, Secure Infrastructure, Physical Security, Emerging Security Technologies

What you will do

- Develop and execute successful strategies that expand CDW Security’s customer base and achieve bookings, revenue, and gross profit targets.
- Establish a detailed, comprehensive understanding of all capabilities, service offerings, value proposition, market positioning, selling strategy and process, as well as key differentiators.
- Cultivate productive relationships with key personnel in current and targeted accounts.
- Identify, engage, qualify, develop, and earn new clients.
- Manage, support, and grow relationships as part of the extended sales team with prospects and clients as a consultative seller.
- Network with a broad range of client organizations and leadership in key fields, including: Information Technology, Information Security, Finance, Internal Audit, Data Privacy, Compliance, and Legal, Enterprise Risk Management, Procurement / Supply Chain Management
- Proactively coordinate with other CDW Security resources to drive sales cycles, meet company objectives, and exceed client expectations. These key internal resources include Subject Matter Experts, Practice Leadership, Sales Management and Marketing.
- Build strong relationships with the partner community to identify opportunities for CDW and those partners.
- Understand industry landscapes and follow trends that impact our clients’ business risk, strategic decision-making, and budget planning and expenditure.
- Provide accurate sales pipeline updates and forecasts.
- Proactively populate and maintain all information in Salesforce.
- Provide onboarding support and mentorship to entry level Security Solutions Executives.
- Enhance CDW Security’s and your personal brand through participation at industry events, speaking engagements, blogging and other forms of acceptable public communication.
- Proactively work with marketing to develop regional events that attract senior leadership from key accounts and prospects.

What we expect of you

- Bachelor’s degree in business, computer science, or related technical degree or equivalent.
- 10+ years of experience identifying opportunities and full lifecycle management for security services and products and/or equivalent experience as a security practitioner.
- Mastery of at least seven of the security focus areas in the security portfolio.
- Experience with enterprise sales, with both strategic planning and day-to-day execution.
- Proven performance record with demonstrated year-over-year metrics.
- Successful record of meeting or exceeding sales goals.
- Ability to take personal ownership of professional goals and achieve financial targets.
- Strong ambition and sense of urgency.
- Energetic networker and relationship-builder.
- Ability to work with and effectively coordinate across extended internal teams and partners.
- Excellent, professional written and verbal communication and interpersonal skills.
- Ability to travel as needed for customer meetings and to develop/maintain partner relationships.

Pay range: $100,000 - $140,000, depending on experience and skill set
Annual bonus target of $30,000 subject to terms and conditions of plan
Additionally, uncapped commission subject to terms and conditions of plan
Benefits overview: https://cdw.benefit-info.com/
Salary ranges may be subject to geographic differentials

CDW is committed to being an AI-fluent organization

We’re looking for people who bring curiosity, a learner’s mindset, and a willingness to engage with ever-evolving technology and tools. We value adopting AI as a partner, openness to experimentation, and a shared interest in learning together on AI. Our goal is to create a culture where AI enhances—not replaces—human creativity and decision-making. You don’t need to be an expert today; what matters is your readiness to explore, adapt, and grow with us as we integrate AI responsibly and effectively into our work.

Additionally, CDW is committed to fostering an equitable, transparent, and respectful hiring process for all applicants. During our application process, our goal is to understand your experience, strengths, skills, and qualifications. As an AI forward company, we see AI not just as a tool, but as a catalyst for new ways of thinking, creating, and communicating. We encourage candidates to embrace an AI mindset, one that’s curious, adaptive, and ready to explore what’s possible. We welcome thoughtful use of AI to expand your perspective and elevate how you share your story, while ensuring your application remains rooted in your own background, judgment, and voice.

About Us

CDW is a Fortune 500 technology solutions provider that helps businesses, government, education, and healthcare organizations achieve what’s possible through technology. What makes CDW different isn’t just what we do—it’s how we do it. At CDW we act as one—building trust, speaking candidly, and working together to achieve more. We play to win—focusing on what matters most and delivering for our customers. And we think forward—staying curious, moving fast, and continuously learning.

We believe meaningful work happens when people feel supported, heard, and empowered to contribute. That’s why we think of ourselves as coworkers, not just employees—working together to solve complex challenges and deliver real impact for our customers and communities. As a full‑stack, full‑lifecycle technology partner, CDW brings deep expertise, strong relationships, and broad industry knowledge to help turn ideas into outcomes. When you join CDW, you become part of a collaborative environment where your work matters, your growth is supported, and your contributions help shape what’s next. Together, we deliver the full promise of what technology can do. Together, we Make Amazing Happen.

CDW is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by state and local law.
Operational Technology Security Engineer
Cardinal Technology Systems, Corp.
Cardinal Technology Systems, Corp (“CTech-Sys”) is an SBA Certified 8(a) and HUBZone company located in the National Capital Region (NCR) and serves both government and commercial clients such as US CBP, US CIS, DLA, DFuse Technologies, and American Environmental Engineering Consultants. Cardinal Technology Systems, Corp is an Equal Employment Opportunity employer and it's our policy to consider applicants for employment without regard to sex, race, color, creed, religion, national origin, sexual orientation, marital status, age, disability, veteran status, alienage, ancestry, or any other factors prohibited by law. Employment selections are based on company and client requirements and the qualifications and skills of the candidate. CTech-Sys is committed to actively capitalizing on the diversity of skills, talents and perspectives of our employees.

Responsibilities

Cardinal Technology Systems Corp. is a government IT solutions provider servicing commercial and government initiatives in various parts of the United States. We are currently seeking an Operational Technology Security Engineer to work for our company.

Summary

- Must possess IT-II security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). (Basic Federal Clearance requirements are U.S. Citizenship, clear criminal history check, no recent or pending bankruptcies)
- Performs a variety of routine project tasks applied to specialized information assurance problems with operational technology (OT) systems.
- Tasks involve integration of OT processes or methodologies with information systems to resolve total system problems, or technology problems as they relate to Cybersecurity requirements.
- Analyzes information security requirements.
- Applies analytical and systematic approaches in the resolution of problems of workflow, organization, and planning.
- Provides security engineering support for planning, design, development, testing, demonstration, and integration of OT systems.

Requirements

- Must possess IT-II security clearance or have a current National Agency Check with Local Agency Check and Credit Check (NACLC). (Basic Federal Clearance requirements are U.S. Citizenship, clear criminal history check, no recent or pending bankruptcies)
- Required Training/Certifications in: ICS300 or relevant Operational Technology “OT” or Industrial Control System “ICS” Cybersecurity Certifications and Forescout – Training Module/Course Completion.
- Must possess an active DoD 8570 IAT Level II certification such as Security+ CE, CySA+, and SSCP.
- 7+ years of relevant OT Cybersecurity experience.
- Experience with OT communication protocols such as Modbus/TCP, EtherNet/IP, IEC 61850, ICCP, DNP3, BACnet, and similar industrial protocols.
- Strong understanding of OT systems including SCADA, ICS, DCS, PLCs, HMIs, RTUs, and field devices.
- Knowledge of secure OT network architectures, including segmentation, firewalls, IDS/IPS, and network monitoring solutions.
- Understanding of secure remote access technologies and best practices for OT maintenance and monitoring.
- Experience managing software and firmware updates for OT devices while minimizing operational disruption.
- Proficiency with OT-relevant cybersecurity frameworks such as NIST CSF, ISA/IEC 62443, and NERC CIP.
- Familiarity with DoD cybersecurity requirements including STIGs, TCG configuration guides, IAVMs, and Task Orders.
- Experience preparing environments for DoD cybersecurity inspections.
- Ability to develop, maintain, and validate cybersecurity artifacts and documentation.
- Understanding of compliance requirements for OT environments and industry-specific regulatory obligations.
- Proficiency in conducting vulnerability assessments across networks, databases, applications, and OT/IT systems.
- Knowledge of vulnerability scanning and asset visibility tools (ACAS, Nessus, Qualys, Forescout, EyeInspect).
- Updates and tracks POA&M entries by documenting findings, logging remediation actions, and keeping milestone dates current to ensure issues move toward closure.
- Experience performing OT-specific risk assessments, identifying threats, vulnerabilities, and operational impacts.
- Ability to recommend risk-based mitigation strategies tailored to OT constraints.
- Familiarity with secure configuration baselines, hardening procedures, and compliance enforcement.
- Experience deploying and tuning security monitoring solutions for OT environments, including anomaly detection and threat intelligence integration.
- Ability to develop and implement OT-specific incident response plans.
- Knowledge of forensic techniques and tools appropriate for OT systems.
- Understanding of patch management workflows and enterprise change management processes.
- Ability to build automated workflows for vulnerability remediation, compliance checks, or reporting.
- Proficiency with analytical tools such as Microsoft Excel, Access, Power BI, and Power Platform.
- Ability to generate clear, accurate, and audit-ready cybersecurity reports for technical and leadership audiences.
- Experience producing analytics and trend reports using data from scanners, configuration tools, and monitoring platforms.
- Understanding of vendor and supply chain security practices for OT equipment and services.
- Experience bridging IT and OT cybersecurity requirements to ensure aligned policies and protections.
- Ability to translate technical findings into actionable recommendations for engineers, operators, and leadership.
- Strong research, analytical, and problem-solving abilities.
- Excellent written and verbal communication skills, including briefing senior leaders.
- Proven ability to work independently and collaboratively with minimal oversight.
- Commitment to staying current on emerging OT threats, vulnerabilities, and best practices.

Benefits

• Medical, Dental, Vision Benefits
• Paid Life
• Paid Vacation, Holidays, Sick Leave, Floating Holidays, Bereavement Leave
• Semi-monthly pay cycle

Work With Us

Cardinal Technology Systems, Corp (“CTech-Sys”), www.ctech-sys.com, is an SBA Certified 8(a) and HUBZone company located in the National Capital Region (NCR) and serves both government and commercial clients such as US CBP, US CIS, DLA, DFuse Technologies, and American Environmental Engineering Consultants. Cardinal Technology Systems, Corp is an Equal Employment Opportunity employer and it’s our policy to consider applicants for employment without regard to sex, race, color, creed, religion, national origin, sexual orientation, marital status, age, disability, veteran status, alienage, ancestry, or any other factors prohibited by law. Employment selections are based on company and client requirements and the qualifications and skills of the candidate. CTech-Sys is committed to actively capitalizing on the diversity of skills, talents and perspectives of our employees.
• Incident Investigation: Lead investigations into high-severity threats, identifying root causes to prevent recurrence.
• Threat Containment & Remediation: Take immediate, hands-on action to stop attacks and restore systems to normal operations.
• Digital Forensics: Perform host, memory, and network forensics to uncover indicators of compromise (IOCs).
• Automation & Tooling: Write scripts (Python, Bash, PowerShell) and build SOAR playbooks to automate response actions.
• Monitoring & Hunting: Proactively monitor security alerts and conduct threat hunting to detect malicious activity.
• Documentation & Reporting: Create detailed post-mortem reports and update runbooks


