L3 Cloud Analyst, GSOC

Category: Cyber Security
City: Toronto, Ottawa, Montreal, Quebec City, Vancouver, Victoria, Calgary, Edmonton, Regina, Canada
Position ID: J0920-1063
Employment Type: Full Time

Position Description:

CGI is more than just an IT consulting company; we are a global organization offering a world of opportunities. Become part of an outstanding culture that gives you the freedom to innovate, influence decisions, achieve your full potential, and chart your own career! Our benefits include a share purchase program, profit sharing, wellness credits, training and development programs and flexible work schedules.

The Level 3 Analyst is a core member of the GSOC protective monitoring team (Blue Team), responsible for responding to escalated threats and events from Level 2 Analysts and conducting advanced threat hunting in collaboration with the threat hunting lead. If you are looking for an opportunity to grow your career in a fast-paced and multifaceted GSOC environment, this could be the ideal role!

Your future duties and responsibilities:

• Monitor for alerts generated and escalated by GSOC monitoring technologies or escalated by Level 2 Analysts
• Conduct research, collaborate with GSOC team members and attend training sessions to maintain awareness of trends in new security threats, technologies and regulations
• Monitor automated tool output and conduct spot checks for accuracy of outputs

• Analyze and respond to security events and incidents from GSOC monitoring technologies or escalated by Level 2 analysts
• Mentor Level 2 analysts and review and advise on standard operating procedures and training documentation
• Work with CGI’s ITSM system during incident handling and triage
• Determine and classify the severity of alerts, assess potential impacts according to the classification defined in the knowledge base, and report potential security incidents
• Conduct preliminary incident triage according to the Security Incident Management Triage Matrix and set the priority accordingly
• Validate triage conducted by Level 2 analysts and automated tools

• Perform advanced digital forensic analysis, reverse engineering, dynamic, static, host-based or network analysis during an investigation
• Share knowledge and provide guidance during security incidents
• Work closely with other teams to provide mitigation recommendations to reduce the overall security risk within the organization
• Provide ideas and feedback to improve the overall GSOC capabilities
• Work until incident resolution or as advised by the Blue Team Operations leadership

• Utilize, contribute to and be an authority on threat intelligence knowledge
• Perform advanced threat hunting for unknown cyber security events in order to find, identify and categorize advanced cyber threats
• Be a recognized senior specialist within the GSOC team

Required qualifications to be successful in this role:

• Demonstrable experience completing complex security investigations to closure
• Detailed understanding of the information sources required to complete an investigation, and the ability to assemble and correlate those sources
• Experience operating and optimizing configurations or making recommendations on multiple security defense platforms
• Script writing skills that can be used by other analysts to conduct and complete investigations
• Experience conducting security investigations and reverse-engineering suspicious files
• Solid understanding of Windows operating systems and common applications including common areas of vulnerability and attack
• Strong knowledge of Unix/Linux operating systems and accepted server hardening approaches
• Demonstrable experience in Networking, including secure architecture and design concepts as well as detailed TCP/IP knowledge
• Solid knowledge of forensics including law enforcement requirements and concepts such as chain of custody
• Knowledge of cloud technologies
• Self-directed and able to lead improvement initiatives
• Ability to mentor less experienced analysts and assist with career development
• Knowledge of industry standards and best practices

Education and Certifications
• Minimum of 3 years’ experience working in a similar Cyber Security role or associated field
• Certifications in cyber security related disciplines (e.g. SANS)


What you can expect from us:

Build your career with us.

It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.

At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.

Be part of building one of the largest independent technology and business services firms in the world.

Learn more about CGI at www.cgi.com.

No unsolicited agency referrals please.

CGI is an equal opportunity employer. In addition, CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs.