Senior Cyber Red Team Analyst

Category: Cyber Security
Main location:
Alternate Location(s): Any CGI location
Position ID: J0322-0109
Employment Type: Full Time

Position Description:

The Red Team Analyst is part of the Global Advanced Threat Management Office, helping build and deliver corporate Red Team operations, and contributing to the global vulnerability management program. The Red Team conducts advanced adversary emulation operations to challenge assumptions and emulate threat actors targeting or attacking the business. This position may be required to operate independently or as part of the team to execute threat simulations with an international team of operators within CGI's Global Security Operations Center.

Your future duties and responsibilities:

• Execute Red Team engagements and campaigns across the spectrum of people, processes and technologies, consistent with goals and objectives of the CGI Rules of Engagement
• Maintain operational and lab infrastructure, tooling and technologies

Threat Simulation
• Simulate sophisticated cyber-attacks regionally, and worldwide using a variety of tactics and techniques
• Assist in planning of threat campaigns to include plan development
• Develop operation C2 profiles to mimic known and emerging threat actors

Penetration Testing
• Conduct network and application penetration testing

Vulnerability Assessment
• Manage regular and ad-hoc vulnerability assessments; conduct analysis and validation

• Research and develop Red Team methodologies including tactics, techniques and procedures
• Develop new tooling and modify existing tooling to account for changing network and detection landscapes

• Develop Red Team reports and deliverables
• Develop processes and automation to streamline the reporting process where possible

Required qualifications to be successful in this role:

• Degree in IT, Security, Engineering or Technology is an asset
• Any of the following certifications: OSCP, OSCE, GPXN, GPEN, GWAPT, Certified Red Team Operator (Zero-Point Security), CREST Certified Simulated Attack Specialist (CCSAS)
• Experience (2+ years) in at least two of the following areas: Open-source and commercial offensive security tools, Red team exercises, Penetration testing, Social engineering, Exploitation techniques
• Knowledge of Windows/Linux/Unix administration, configuration, and security flaws
• Knowledge of operational security tactics and techniques (exploits and evasion, persistence techniques, lateral movement, social engineering, etc.)
• Experience with one or more programming and/or scripting languages
• Experience with developing Malleable C2 profiles.
• Working knowledge of advanced persistent threats
• Working knowledge of firewalls and other network security products
• Familiarity with debuggers and disassemblers is an asset
• Experience in exploit development is an asset
• Experience with infrastructure automation and testing with technologies such as Ansible & Vagrant is an asset
• Experience using virtualization and containerization in on premise environments as well as cloud environments.
• Experience with ELK stack is an asset
• Ability to deliver high quality reporting on technical issues identified and providing remediation guidelines to varying audiences
• Excellent written and oral communication skills
• Self-motivated and able to work both independently and with a team
• Willing to travel internationally up to 10%

What you can expect from us:

Insights you can act on

While technology is at the heart of our clients’ digital transformation, we understand that people are at the heart of business success.

When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees "members" because they are CGI shareholders and owners and owners who enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today — one of the world’s largest independent providers of IT and business consulting services.

At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.

Ready to become part of our success story? Join CGI — where your ideas and actions make a difference.