Cybersecurity Specialist

Position Description :

• Work Location : Hybrid Ottawa / Gatineau or Montreal
• Security Clearance : Must have or be eligible for Enhanced Reliability Clearance ( lived in Canada for 5 years).

At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company.

All of our employees benefit from the value we collectively build.

Be part of something innovative and take control of your future! Are you ready for the responsibility of working with high profile clients in the world's most exciting sectors?

Do you want to take your career to the next level as part of a multifaceted company that gives you a direct stake in its success?

If you do, we're looking to strengthen our busy Cyber team. Apply today and find out how to develop your cyber career at CGI.

This Cybersecurity Specialist role supports the Cybersecurity Operations team (SOC) in hunting and protecting our CGI clients from cyber threats.

Our team of Threat Hunters work as part of a pro-active investigation team that iteratively analyzes information across various data sources, establishing the likelihood of business impact, and helps to identify control enhancements to mitigate / isolate risk to business operations.

This is a hybrid role; preference will be given to those residing in Gatineau / Ottawa or Montreal.

As a Cybersecurity Specialist - Threat Hunting and Detection, you'll be instrumental in utilizing advanced threat-hunting technologies to detect and analyze emerging threats, define attack paths, and track threat actors and their tactics, enabling the development of robust behavioral models and proactive defense measures.

You will help to extract data and remove the noise to pinpoint internal and external threats. Our client base is global and in nearly every industry.

The successful candidate will build strong relationships within the larger Cyber and IT teams to communicate findings and solutions to remediate threats and vulnerabilities.

They will collaborate with the Cyber teams on our improvements to incident detection and response times.

Your future duties and responsibilities :

As a Cybersecurity Specialist - Threat Hunting and Detection, you will :

• Work on complex analysis of cybersecurity events across multiple security platforms with the potential to affect multiple IT and Business teams, where advanced business acumen and / or ingenuity are required.
• Follow the emerging threats and attack techniques by reading detailed analytics anomalies.
• Identify, analyze, and define the attack path of advanced intrusions.
• Identify opportunities to develop new processes, tools, and services that improve event analysis and incident response, decreasing overall time to detect and respond.
• Work assignments involve complex issues requiring in-depth analysis of cybersecurity events, malware, network traffic, and other threat data with minimal precedent.
• Collaborate within the Cybersecurity Operations (SOC) teams to develop threat hunting use cases, perform investigations, and analyze findings.
• Maintain situational awareness of cyber activity by reviewing new anomalies and tracking attack campaigns through their attack cycle.

Track threat actors, tactics, techniques, and procedures (TTPs), and associated Indicators of Compromise (IOCs) through the analytics.

• Work across different technology stacks in leading cloud providers like AWS, Azure, and GCP
• Analyze security events using logs and open-source knowledge to determine legitimate or false positive nature
• Maintain a record of security monitoring activities via case management and ticketing technologies
• Administer and monitor intrusion detection, file integrity, endpoint protection, log management and SIEM solutions
• Integrate security tools using a wide variety of data sources that use various protocols
• Consult with clients to customize and configure tools in order to meet security and compliance requirements
• Communicate alerts to team members and clients related to security anomalies in the environment
• Apply technical writing skills to create formal documentation such as analytical reports and briefings
• Develop and maintain standard operating procedures and training materials
• Participate in on-call rotations as needed to support client operational needs that may lay outside of business hours

Required qualifications to be successful in this role :

• Due to the nature of our clients, ability to obtain (or pre-existing from another employer) Enhanced Reliability Security Clearance is mandatory
• Demonstrated advanced knowledge of cybersecurity disciplines with a focus on Threat Hunting, Detection, Incident Response and Threat Intelligence.

In-depth understanding of the potential business and industry impact.

Excellent customer-centric, analytical, critical thinking skills with strong attention to detail and a commitment to quality.

Strong interpersonal skills to build relationships and work with technical and non-technical professionals.

• Deep understanding of malware methods, attack tactics, and TTPs.
• Strong familiarity with attacker tradecraft and client relationships.
• Proficiency in utilizing and configuring Endpoint / Extended Detection and Response solutions.
• Experience in incident response, including advanced adversary detection and log analysis.
• Familiarity with Cyber Kill Chain Model and MITRE ATT&CK Matrix.
• Experience working in an MSSP and working with diverse clients, understanding their business challenges, and providing strategic cybersecurity guidance.
• Experience with Microsoft Security Products
• Relevant cyber security certification such as CISSP, GIAC, Security+ or equivalent (an asset)
• Extensive knowledge of Operating Systems, network security concepts, and protocols
• Understanding of ITIL Framework and Change Management Processes
• Bilingualism (English / French) an asset
• Education : IT related degree / diploma combined with relevant experience

Skills :

• Incident Response
• ITIL
• Threat Risk Assessment
Il y a 10 jours