CGI
Overview
CGI Federal is looking for a
SOC Analyst
to support our Managed Security Services based out of Huntsville, AL. We provide Incident Management and Intrusion Detection services, along with Threat Hunting and in-depth analysis to our customers. Qualified applicants will be on the forefront of incident response where they will utilize the latest in network security technology to provide Computer Network Defense and Information Assurance (IA) support to CGI Federal and its customers. This position is located in our Huntsville, AL, San Antonio, TX, Lebanon, VA, or Lafayette, LA office; however, a hybrid working model of two days a week onsite. Responsibilities Understand and maintain the appropriate knowledge of tools, security procedures, and services within the CGI Federal Managed Security Services (MSS). Ensure that event analysis and incident reports are documented and quality control is applied to ensure accuracy. Assist in developing and maturing the future services and capabilities of the MSS, such as Threat Management, Penetration Assessments Activities, Tool & Automation Management, and more. Identify improvements within processes, procedures, policies, staffing, training, and tools to improve efforts and daily operations. Ensure that all procedures and operations are carried out as tasked. Responsible for shift activity logging and daily operations in terms of making sure that daily shift responsibilities are completed. Understand and contribute to the improvement and direction of CGI Federal's MSS objectives, direction, and procedures. Maintain the ability to complete all MSS operations and procedures and ensure the proper escalation and leadership knowledge is provided. Ensure the proper documentation of tickets, shift documentation, correspondence, and escalations. Ensure events are handled at detection time according to established procedures. Demonstrate excellent communication and client care skills by documenting all activities within our client delivery systems and communicating with client representatives in a timely manner. Stay informed of current events in the security industry including the latest exploits and threats as well as preventative measures, remediation, and restoration techniques. Act as the escalation point for client requests for information and presence. Mentor team members to improve quality and consistency of security information analysis of network traffic. Assist analysts in investigation and ticket creation efforts and provide daily monitoring and alerting of events in near real time.
Required Qualifications
Due to the nature of this government contract, US Citizenship is required. BA or BS degree from a recognized university with specialization in Computer Sciences or a related discipline. A minimum of three to five (3-5) years of directly related practical experience and demonstrated ability to carry out the functions of the job. Experience working in an IT Security Operations Center using SANS methodology. Experience and extensive knowledge of Security Information Event Management (experience with Google SecOps required). Experience in Intrusion Detection or Prevention Systems. Knowledge of TCP/IP, computer networking, routing and switching. Experience in Linux/UNIX and Windows based devices at the System Administrator level. System log forensics (Syslog, Event Viewer). Strong troubleshooting, reasoning and problem-solving skills. Team player with excellent communication skills and good time management. Organizational skills and the ability to work autonomously with attention to processes. Ability to speak and communicate effectively with peers, management, and clients. Ability to write clear and concise technical documentation and communicate in English.
Desired qualifications
SIEM/SOAR experience (Splunk, Microsoft Sentinel, Google SecOps, Cortex XSOAR). Experience using ticketing systems such as Remedy, LANDesk, ServiceNow. Experience creating, reviewing, and tuning automations in SOAR solutions. Security +, Network +, CISSP, CEH, GCIA, GCIH, CISM; SPLUNK training highly valued. Knowledge of strong authentication, end point security, internet policy enforcement, firewalls, web content filtering, database activity monitoring (DAM), PKI, DLP, IAM solutions.
CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. A reasonable estimate of the current range for this role in the U.S. is $69,700.00 - $137,100.00. Benefits Competitive compensation Comprehensive insurance options Matching contributions through the 401(k) plan and the share purchase plan Paid time off for vacation, holidays, and sick time Paid parental leave Learning opportunities and tuition assistance Wellness and well-being programs
Qualified applicants will receive consideration for employment without regard to race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender identity, and gender expression, familial status or responsibilities, reproductive health decisions, political affiliation, genetic information, height, weight, or any other legally protected status or characteristics to the extent required by applicable federal, state, and/or local laws where we do business. CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at US_Employment_Compliance@cgi.com. Include the Position ID of the position you are interested in. Your message will be routed to the appropriate recruiter who will assist you. This email address is for accommodations requests only. We welcome veterans and transitioning service members. CGI supports translating military experience and skills. For more information, visit our veterans site. All CGI offers of employment in the U.S. are contingent upon successful completion of a background investigation. Some roles may require a government security clearance, which could include a credit check. CGI will consider qualified applicants with arrests or convictions in accordance with applicable laws. CGI is an equal opportunity employer. We will not discriminate based on race, color, religion, sex, national origin, disability, or any other protected status. For further details, please refer to CGI's equal employment opportunity policies. Seniority level Mid-Senior level Employment type
Full-time Job function
Information Technology Industries IT Services and IT Consulting
#J-18808-Ljbffr
CGI Federal is looking for a
SOC Analyst
to support our Managed Security Services based out of Huntsville, AL. We provide Incident Management and Intrusion Detection services, along with Threat Hunting and in-depth analysis to our customers. Qualified applicants will be on the forefront of incident response where they will utilize the latest in network security technology to provide Computer Network Defense and Information Assurance (IA) support to CGI Federal and its customers. This position is located in our Huntsville, AL, San Antonio, TX, Lebanon, VA, or Lafayette, LA office; however, a hybrid working model of two days a week onsite. Responsibilities Understand and maintain the appropriate knowledge of tools, security procedures, and services within the CGI Federal Managed Security Services (MSS). Ensure that event analysis and incident reports are documented and quality control is applied to ensure accuracy. Assist in developing and maturing the future services and capabilities of the MSS, such as Threat Management, Penetration Assessments Activities, Tool & Automation Management, and more. Identify improvements within processes, procedures, policies, staffing, training, and tools to improve efforts and daily operations. Ensure that all procedures and operations are carried out as tasked. Responsible for shift activity logging and daily operations in terms of making sure that daily shift responsibilities are completed. Understand and contribute to the improvement and direction of CGI Federal's MSS objectives, direction, and procedures. Maintain the ability to complete all MSS operations and procedures and ensure the proper escalation and leadership knowledge is provided. Ensure the proper documentation of tickets, shift documentation, correspondence, and escalations. Ensure events are handled at detection time according to established procedures. Demonstrate excellent communication and client care skills by documenting all activities within our client delivery systems and communicating with client representatives in a timely manner. Stay informed of current events in the security industry including the latest exploits and threats as well as preventative measures, remediation, and restoration techniques. Act as the escalation point for client requests for information and presence. Mentor team members to improve quality and consistency of security information analysis of network traffic. Assist analysts in investigation and ticket creation efforts and provide daily monitoring and alerting of events in near real time.
Required Qualifications
Due to the nature of this government contract, US Citizenship is required. BA or BS degree from a recognized university with specialization in Computer Sciences or a related discipline. A minimum of three to five (3-5) years of directly related practical experience and demonstrated ability to carry out the functions of the job. Experience working in an IT Security Operations Center using SANS methodology. Experience and extensive knowledge of Security Information Event Management (experience with Google SecOps required). Experience in Intrusion Detection or Prevention Systems. Knowledge of TCP/IP, computer networking, routing and switching. Experience in Linux/UNIX and Windows based devices at the System Administrator level. System log forensics (Syslog, Event Viewer). Strong troubleshooting, reasoning and problem-solving skills. Team player with excellent communication skills and good time management. Organizational skills and the ability to work autonomously with attention to processes. Ability to speak and communicate effectively with peers, management, and clients. Ability to write clear and concise technical documentation and communicate in English.
Desired qualifications
SIEM/SOAR experience (Splunk, Microsoft Sentinel, Google SecOps, Cortex XSOAR). Experience using ticketing systems such as Remedy, LANDesk, ServiceNow. Experience creating, reviewing, and tuning automations in SOAR solutions. Security +, Network +, CISSP, CEH, GCIA, GCIH, CISM; SPLUNK training highly valued. Knowledge of strong authentication, end point security, internet policy enforcement, firewalls, web content filtering, database activity monitoring (DAM), PKI, DLP, IAM solutions.
CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. A reasonable estimate of the current range for this role in the U.S. is $69,700.00 - $137,100.00. Benefits Competitive compensation Comprehensive insurance options Matching contributions through the 401(k) plan and the share purchase plan Paid time off for vacation, holidays, and sick time Paid parental leave Learning opportunities and tuition assistance Wellness and well-being programs
Qualified applicants will receive consideration for employment without regard to race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender identity, and gender expression, familial status or responsibilities, reproductive health decisions, political affiliation, genetic information, height, weight, or any other legally protected status or characteristics to the extent required by applicable federal, state, and/or local laws where we do business. CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at US_Employment_Compliance@cgi.com. Include the Position ID of the position you are interested in. Your message will be routed to the appropriate recruiter who will assist you. This email address is for accommodations requests only. We welcome veterans and transitioning service members. CGI supports translating military experience and skills. For more information, visit our veterans site. All CGI offers of employment in the U.S. are contingent upon successful completion of a background investigation. Some roles may require a government security clearance, which could include a credit check. CGI will consider qualified applicants with arrests or convictions in accordance with applicable laws. CGI is an equal opportunity employer. We will not discriminate based on race, color, religion, sex, national origin, disability, or any other protected status. For further details, please refer to CGI's equal employment opportunity policies. Seniority level Mid-Senior level Employment type
Full-time Job function
Information Technology Industries IT Services and IT Consulting
#J-18808-Ljbffr