Security Monitoring and Response Specialist

CGI

$60K — $110K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years experience in a Security Operations Centre or equivalent role.
  • Strong understanding of cybersecurity principles, including TTPs and attack vectors.
  • Proficient in monitoring and analyzing security alerts across various technologies.
  • Degree in Cyber Security, Computer Science, or related field, or equivalent experience.
  • Knowledge of SIEM, EDR, and other security technologies.

Responsibilities

  • Monitor security alerts from multiple security technologies 24/7.
  • Analyze and triage security alerts to assess severity and potential impact.
  • Respond to incidents as per established procedures and SLAs.
  • Escalate confirmed incidents to response teams with detailed documentation.
  • Contribute to the enhancement of operational processes and playbooks.
  • Stay updated on current cyber threats and industry best practices.
  • Collaborate with multiple teams to improve detection and response capabilities.

Benefits

  • Opportunities for continuous learning and professional growth.
  • Collaborative work environment with global teams.
  • Mentorship opportunities for career development.
  • Flexible work locations across multiple Canadian cities.
Full Job Description
Security Monitoring and Response Specialist

Category: Cyber Security

Main location: Canada, Ontario, Toronto

Alternate Location(s): Canada, Ontario, Ottawa
Canada, British Columbia, Vancouver
Canada, Quebec, Montreal
Canada, Alberta, Calgary

Position ID:J0726-1036

Employment Type: Full Time

Position Description:

Location: This role can be located at any CGI office in Canada

The Security Monitoring Analyst is part of CGI's Global Security Operations Center (GSOC), which provides 24/7 security monitoring, threat detection, and incident response capabilities across the organization.
As a member of GSOC, the Security Monitoring Analyst is responsible for monitoring, analyzing, triaging, and responding to security events to identify and mitigate cyber threats in real time. The role also contributes to the continuous improvement of CGI's security operations by refining detection capabilities, enhancing monitoring processes, and strengthening the organization's overall security posture.
Working within a global team, the Security Monitoring Analyst collaborates closely with Detection Engineering, Threat Intelligence, Incident Response, Security Engineering, and other cybersecurity teams to investigate threats, improve detection content, and support effective security operations.
This role requires a solid understanding of cybersecurity principles, including threat actor tactics, techniques and procedures (TTPs), computer networking fundamentals, operating systems, common attack vectors, and modern threats and vulnerabilities. The successful candidate will be able to analyze security events from a variety of sources, distinguish between legitimate and malicious activity, and respond effectively in a fast paced operational environment.
The ideal candidate will possess strong analytical and problem solving skills, excellent communication abilities, and a passion for cybersecurity. They will demonstrate a continuous learning mindset and be committed to staying current with the evolving threat landscape and emerging security technologies.

Your future duties and responsibilities:

. Monitor security alerts and events from a range of security technologies, including SIEM, EDR, email security, network security, and cloud security platforms.
. Analyse, triage, and investigate security alerts to determine their severity, scope, and potential business impact.
. Respond to security incidents in accordance with established playbooks, procedures, and service level agreements (SLAs).
. Escalate confirmed or suspected security incidents to Incident Management and Response teams, providing clear documentation and supporting evidence.
. Contribute to the development and continuous improvement of operational processes, playbooks, and standard operating procedures.
. Stay informed of the latest cyber threats, threat actor tactics, techniques and procedures (TTPs), vulnerabilities, and industry best practices.
. Collaborate with Threat Intelligence, Detection Engineering, Threat Hunting, Security Engineering, and Incident Response teams to improve detection and response capabilities.
. Assist in identifying opportunities to improve automation and tune detection rules.
. Communicate investigation findings and technical information clearly to both technical and non technical stakeholders.
. Ensure all activities are performed in accordance with CGI security policies, standards, and regulatory requirements.
. Mentor and support junior analysts, providing coaching, guidance, and constructive feedback to develop their technical, analytical, and professional skills.

Required qualifications to be successful in this role:

. Experience working in a Security Operations Centre or equivalent cybersecurity operational role, or demonstrable hands on experience investigating security events through academic, military, apprenticeship, or industry experience.
. Experience monitoring, analysing, and investigating security alerts across a variety of security technologies.
. Good understanding of cyber threat actor tactics, techniques and procedures (TTPs), including the MITRE ATT&CK framework.
. Knowledge of common attack vectors, malware, phishing, identity based attacks, and modern cyber threats.
. Understanding of networking concepts and protocols, including TCP/IP, DNS, HTTP/S, SMTP, VPNs, and firewalls.
. Knowledge of Windows, Linux, and Active Directory security fundamentals.
. Experience using security technologies such as SIEM, Endpoint Detection and Response (EDR), email security, cloud security, or network detection tools.
. Strong analytical, problem solving, and investigative skills with the ability to make risk based decisions.
. Excellent written and verbal communication skills, including the ability to document investigations clearly.
. Ability to work effectively in a collaborative, global team environment.
. A proactive approach to learning and keeping current with the evolving cybersecurity landscape.
. Experience with AI technologies, including generative AI and machine learning solutions, is desirable.

QUALIFICATIONS & CERTIFICATIONS

. Degree in Cyber Security, Computer Science, Information Technology, or a related discipline, or equivalent practical experience.
. Relevant industry certifications are desirable, including one or more of:
. CompTIA Security+
. CompTIA CySA+
. Microsoft SC 200: Security Operations Analyst
. Microsoft AZ 500: Azure Security Engineer
. GIAC Certified Incident Handler (GCIH)
. GIAC Certified Intrusion Analyst (GCIA)
. ISC2 Certified in Cybersecurity (CC)
. CISSP

CGI is providing a reasonable estimate of the pay range for this role. The determination of this range includes factors such as skill set level, geographic market, experience and training, and licenses and certifications. Compensation decisions depend on the facts and circumstances of each case. A reasonable estimate of the current range is $60,000-110,000. This role is an existing vacancy

#LI-AB19

Skills:
  • Active Directory Security
  • Analytical Thinking
  • Collaboration
  • Incident response
  • Linux
  • Security Operations Center
  • Threat Risk Assessment


Similar Jobs

More Jobs at CGI

More Information Technology Jobs

Find similar Security Monitoring and Response Specialist jobs: