SOC Analyst
SOC Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Position Description:
Scope
Monitoring and Incident Response scope for these roles will be for the following infrastructures:
Client entities/logs not requiring security clearances
Security Analyst SOC L2
In your capacity as a SOC Security Analyst reporting to the Cyber Security Manager you will help protect Client employees business and infrastructure. You will act as an important part of Clients Global Security group whose mandate covers both physical and cyber security.
This role will be part of the group which provides governance on security aspects to Client business units performs cyber threat intelligence and monitors the infrastructure to detect triage and respond to cyber security events.
Responsibilities
Monitor the infrastructure to detect cyber security events triage them and follow established incident response processes
Participate in Incident Analysis and Response
Participate in the evolution of use cases incident response processes as well as other tasks performed by the team
Requirements
Bachelors or Master Degree level in Computer Sciences Computer Engineering Software Engineering Information Security or any other equivalent degree
Minimum of 4 years of experience in the Information Security field
Experience
Identification triage of Cyber Security Events
Deliver 24/7 monitoring of Security Alerts generated by SIEM Tools (Azure Sentinel Qradar Cofence)
Integrate with CGI Security Orchestration and Response (SOAR) solution pulling alert data from by SIEM Tools (Azure Sentinel Qradar Cofence) to support security analyst monitoring activities to gain investigation intelligence;
Run enrichment playbooks against the alert(s) to extract and augment data provided with the initial alert to further drive and help analysts in their event classification and analysis.
Engage incident process playbooks to ensure standardization and enhanced SOC response capabilities when or if a security issue is declared
Ensure SLA requirements are being met and proper processes used.
Post Security Incident Reports to the clients MSS Security portal
Monitor for suspicious activities including predefined threat signature criteria and indicators of attack
Use preconfigured alerts to rapidly identify suspicious activities
Respond to generated security events and assess whether or not a valid security incident has occurred
Notify clients designated contacts and recommend next steps to follow if an incident is identified;
Collaborate with the hardening team to address security events that have been determined to be a false positives
Recommend improvements to dashboards and Sentinel tuning/normalization to the hardening team as applicable
Triage and assessment of potentially infected Windows hosts
Response to phishing campaigns
Response to cyber security events in Microsoft Office 365
Tools Support & Monitoring Working knowledge of systems such as SIEM EDR Antivirus Splunk MS Defender
Knowledge and Skills
Security is a passion
Knowledge & Experience on Splunk QRadar Azure Sentinel is must
Knowledge in malware investigations and remediations
Good understanding of the Windows operating system and protocols such as TCP/IP HTTP SMTP
Strong analytical and investigative skills
Strong technical and learning agility able to adapt to constantly evolving threats domains and technologies
Good written communication skills
Ability to work independently under pressure
Skills:
- Security Infrastructure Supprt
- Security Operations Center
- Splunk
- Vulnerability Management(IAVM)
What you can expect from us:
Together as owners lets turn meaningful insights into action.
Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because
You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.
Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.
Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and wellbeing and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our teamone of the largest IT and business consulting services firms in the world.
Required Experience:
IC
Employment Type
Full-Time
