Digital Forensics and Incident Response DFIR Consultant

Position Description:

We are seeking a highly skilled and motivated Cyber DFIR Analyst to join our growing cybersecurity team. In this role you will lead and support digital forensics and incident response (DFIR) activities across CGIs customer base. You will investigate security incidents analyze threats identify root causes and provide remediation strategies to mitigate risk. This is a handson technical role requiring deep expertise in threat hunting forensic analysis and response coordination.

Location: open to locations within proximity to a CGI office
Security Clearance: Must have or be eligible to obtain Reliability Clearance

Your future duties and responsibilities:

Key Responsibilities:
Incident Response: Detect analyze and respond to cybersecurity incidents using industrystandard tools and methodologies.
Forensics Investigations: Collect preserve and analyze digital evidence from systems networks and endpoints.
Threat Hunting: Proactively search for indicators of compromise (IOCs) and advanced persistent threats (APTs) within enterprise environments.
Malware Analysis: Perform static and dynamic analysis of malware artifacts to understand behaviors and impact.
Log Analysis: Analyze logs from various systems (e.g. SIEMs EDRs firewalls proxies) to reconstruct attack timelines and identify unauthorized activity.
Root Cause Analysis: Identify the entry point method and impact of cyber intrusions.
Reporting: Create detailed forensic and incident reports for both technical and nontechnical audiences including executive summaries.
Collaboration: Work with SOC analysts IT teams and legal/compliance departments during investigations and postincident reviews.
Continuous Improvement: Contribute to the development of DFIR playbooks runbooks and procedures to improve response readiness.

Required qualifications to be successful in this role:

Bachelors degree in Cybersecurity Computer Science Information Technology or related field (or equivalent experience)
Security Clearance: Must have or be eligible to obtain Reliability Clearance
3 years of experience in digital forensics and/or incident response
Strong understanding of cyber threats attack vectors and MITRE ATT&CK framework
Handson experience with DFIR tools such as EnCase FTK Volatility XWays Velociraptor etc.
Proficient in analyzing Windows Linux and macOS systems
Experience with SIEMs (e.g. Splunk QRadar) EDRs (e.g. CrowdStrike SentinelOne) and packet analysis tools (Wireshark)
Excellent communication documentation and analytical skills
Preferred:
Relevant certifications such as GCFA GNFA GCIH CHFI or CISSP
Experience with scripting (Python PowerShell Bash) for automation and data parsing
Knowledge of cloud platforms (AWS Azure GCP) and associated security tooling
Familiarity with legal chainofcustody and compliance requirements (e.g. GDPR HIPAA PCIDSS)

#LIAB19

Skills:

• Firewalls
• GIAC Cert Forensic Analyst
• Linux
• Splunk
• Wireshark
• GIAC Cert Incident Handler
• Python

What you can expect from us:

Together as owners lets turn meaningful insights into action.

Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because

You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.

Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.

Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and wellbeing and provide you with opportunities to deepen your skills and broaden your horizons.

At CGI we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equalopportunity employer we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process please let us know. We will be happy to assist.

Come join our teamone of the largest IT and business consulting services firms in the world.