The Red Team Analyst is part of the Global Advanced Threat Management Office, helping build and deliver corporate Red Team operations, and contributing to the global vulnerability management program. The Red Team conducts advanced adversary emulation operations to challenge assumptions and emulate threat actors targeting or attacking the business. This position may be required to operate independently or as part of the team to execute threat simulations with an international team of operators within CGI's Global Security Operations Center.
Your future duties and responsibilities:
• Execute Red Team engagements and campaigns across the spectrum of people, processes and technologies, consistent with goals and objectives of the CGI Rules of Engagement
• Maintain operational and lab infrastructure, tooling and technologies
• Simulate sophisticated cyber-attacks regionally and worldwide, using a variety of tactics and techniques
• Assist in planning threat campaigns, including plan development
• Develop operation C2 profiles to mimic known and emerging threat actors
• Conduct network and application penetration testing
• Manage regular and ad-hoc vulnerability assessments; conduct analysis and validation
• Research and develop Red Team methodologies including tactics, techniques and procedures
• Develop new tooling and modify existing tooling to account for changing network and detection landscapes
• Develop Red Team reports and deliverables
• Develop processes and automation to streamline the reporting process where possible
Required qualifications to be successful in this role:
• Degree in IT, Security, Engineering or Technology is an asset
• Any of the following certifications: OSCP, OSCE, GXPN, GPEN, GWAPT, Certified Red Team Operator (Zero-Point Security), CREST Certified Simulated Attack Specialist (CCSAS)
• Experience (2+ years) in at least two of the following areas: Open-source and commercial offensive security tools, Red team exercises, Penetration testing, Social engineering, Exploitation techniques
• Knowledge of Windows/Linux/Unix administration, configuration, and security flaws
• Knowledge of operational security tactics and techniques (exploits and evasion, persistence techniques, lateral movement, social engineering, etc.)
• Experience with one or more programming and/or scripting languages
• Experience with developing Malleable C2 profiles
• Working knowledge of advanced persistent threats
• Working knowledge of firewalls and other network security products
• Familiarity with debuggers and disassemblers is an asset
• Experience in exploit development is an asset
• Experience with infrastructure automation and testing with technologies such as Ansible & Vagrant is an asset
• Experience using virtualization and containerization in on-premises environments as well as cloud environments
• Experience with ELK stack is an asset
• Ability to deliver high-quality reporting on identified technical issues and provide remediation guidelines to varying audiences
• Excellent written and oral communication skills
• Self-motivated and able to work both independently and with a team
• Willing to travel internationally up to 10%
What you can expect from us:
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.
Learn more about CGI at www.cgi.com.
No unsolicited agency referrals please.
CGI is an equal opportunity employer.