SOC Analyst (Mid) - U.S. Citizenship Required

@ CGI

Position Description:

  • CGI Federal is hiring a SOC Analyst (Mid) to work with a skilled and motivated team of professionals on a high-visibility Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) cyber security program.
  • You will support a dynamic, fast-paced project focused on improving the cyber security posture of civilian government agencies through the implementation and enhancement of a cybersecurity platform, providing integration services, and developing, securing and maintaining cybersecurity dashboards.
  • You will work closely with a variety of agency stakeholders, supporting their mission, priorities, organization, and unique challenges.
  • You will also support the development of additional cyber security offerings focused on next generation security solutions and technologies.
  • Qualified applicants will be on the forefront of incident response where they will utilize the latest in network security technology to provide Computer Network Defense and Information Assurance (IA) support to CGI Federal and its customers.
  • This position is located in our Lafayette, LA office; however, a hybrid working model is acceptable. You will be required to be in our Lafayette, LA office two days per week.


Your future duties and responsibilities:

  • Interpret incidents to understand the impact and threat mechanisms
  • Map and decipher the tactics, techniques and procedures (TTPs)
  • Own the response and remediation of every alert
  • Ensure that each alert description and recommendation is clearly articulated to technical and management personnel
  • Develop proper response actions as part of guided response to Agencies, in the context of a specific security incident
  • Engage with the Agencies, through established communication channels, to guide through a response action
  • Develop possible remediation plan(s) for a specific security incident. Document as part of the playbook.
  • Develop response and remediation templates
  • Work with a TIA to develop Tech Notes and Agency Advisories as needed
  • Provide the required subject matter expertise for effective EDR implementations
  • Assist with response and recovery actions when appropriate
  • Document lessons learned and best practices as part of day-to-day operations and review with appropriate leadership
  • Support CISA as needed


Qualifications:

Required qualifications to be successful in this role:

  • Due to the nature of the contract requirements, US citizenship and successful passing of a CGI background check are required prior to beginning work. In addition, candidates must have the ability to obtain and maintain a DHS CISA EOD/Public Trust clearance.
  • Bachelor's degree in Computer Science or related discipline and 3-5 years of directly related practical experience and demonstrated ability to carry out the functions of the job
  • Experience working in an IT Security Operations Center using SANS methodology
  • Experience and knowledge of Security Information Event Management
  • Experience in Intrusion Detection or Prevention Systems
  • Knowledge of: TCP/IP, computer networking, routing, and switching
  • Experience in Linux/UNIX and Windows based devices at the System Administrator level
  • System log forensics (Syslog, Event Viewer)
  • Strong troubleshooting, reasoning, and problem-solving skills
  • Team player, excellent communication skills, and good time management skills
  • Organizational skills and the ability to work autonomously with attention to processes
  • Ability to speak and communicate effectively with peers, management, and clients
  • Ability and experience in writing clear and concise technical documentation
  • Ability to speak and write fluently in English


Desired qualifications/non-essential skills required:

  • SIEM experience (ArcSight, QRadar, Splunk)
  • Experience using ticketing systems such as Remedy, LanDesk, ServiceNow
  • Security+, Network+, CISSP, CEH, GCIA, GCIH, CISM, or Splunk training highly valued
  • Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions
  • Familiarity or experience with CISA’s Continuous Diagnostic and Mitigation (CDM) Program


Skills:

  • Computer Security
  • Security Operations Center
  • Identity and Access Mgt (IAM)


How to Apply:

Apply online at https://www.cgi.com/en/careers

Location: Lafayette, LA
Date Posted: July 17, 2024
Application Deadline: August 19, 2024
Job Type: Full-time