Meet our professionals
CGI UK - Careers at CGI - Be part of something
How does working for an organisation at the forefront of delivering secure, mission-critical IT solutions to a variety of industry sectors sound to you? Exciting, we hope.
The Red Team Analyst is part of the Global Advanced Threat Management Office, helping build and deliver corporate Red Team operations, and contributing to the global vulnerability management program. This position may be required to operate independently or as part of the team to execute threat simulations with an international team of operators within CGI's Global Security Operations Centre.
Your future duties and responsibilities:
• Execute Red Team engagements and campaigns across the spectrum of people, processes and technologies, consistent with goals and objectives of the CGI Rules of Engagement
• Maintain operational and lab infrastructure, tooling and technologies in local datacentres and cloud environments
• Simulate sophisticated cyber-attacks regionally, and worldwide using a variety of tactics and techniques
• Assist in planning of threat campaigns to include plan development
• Conduct network and application penetration testing
• Manage regular and ad-hoc vulnerability assessments; conduct analysis and validation
•Research and develop Red Team methodologies including tactics, techniques and procedures
•Develop Red Team reports and deliverables
Required qualifications to be successful in this role:
• Degree in IT, Security, Engineering or Technology is a major plus
• One or more of the following certifications: OSCP, OSCE, GPXN, GPEN, GWAPT, CREST Certified Simulated Attack Specialist (CCSAS)
• Expertise in at least two of the following areas: Windows/Linux/Unix Operating Systems, Open-source and commercial offensive security tools, Red team exercises: Penetration testing, Social engineering tactics, Exploitation techniques
• Ability to deliver high quality reporting on technical issues identified and providing remediation guidelines to varying audiences
• Knowledge of operational security tactics and techniques (exploits and evasion, persistence techniques, lateral movement, social engineering, etc.)
• Hands-on experience with one or more scripting languages such as Python, PowerShell, Ruby, etc.
• Track record of one or more programming languages such as C#, etc.
• Working knowledge of advanced persistent threats
• Working knowledge of firewalls and other network security products
• Familiarity with debuggers and disassemblers is an asset
• Track record with developing Malleable C2 profiles.
• Track record in exploit development is an asset
• Hands-on knowledge of working within a DevOps environment, infrastructure automation and testing with technologies such as Ansible & Vagrant
• Track record of using virtualization and containerization in on premise environments as well as cloud environments.
• Knowledge of working with ElasticSearch, Logstash, and Beats and their respective configuration/customization
• Excellent written and oral communication skills
• Self-motivated and able to work both independently and with a team
• Willing to travel internationally up to 10% if preferred
Be part of our story.
What you can expect from us:
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.
Learn more about CGI at www.cgi.com.
No unsolicited agency referrals please.
CGI is an equal opportunity employer.