Security Monitoring and Response Specialist

CGI

$60K — $110K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience in a Security Operations Centre or similar cybersecurity role.
  • Proficient in monitoring, analyzing, and investigating security alerts across various security technologies.
  • Strong understanding of cyber threat actor tactics, including familiarity with the MITRE ATT&CK framework.
  • Knowledge of networking fundamentals such as TCP/IP, DNS, and firewalls.
  • Experience with SIEM, EDR, and cloud security tools.
  • Excellent analytical and problem-solving skills, with a focus on risk-based decision making.
  • Ability to communicate investigation findings clearly to both technical and non-technical audiences.

Responsibilities

  • Monitor security alerts and events from diverse security technologies, including SIEM and EDR.
  • Analyze and investigate security alerts for severity, scope, and impact.
  • Respond to security incidents according to established procedures and SLAs.
  • Escalate confirmed incidents to Incident Management, providing detailed documentation.
  • Contribute to the improvement of operational processes and playbooks.
  • Stay updated on the latest cyber threats and industry best practices.
  • Collaborate with various cybersecurity teams to enhance detection and response capabilities.

Benefits

  • Flexible work location at any CGI office in Canada.
  • Opportunity for continuous professional development and learning.
  • Exposure to a collaborative global team in a thriving cybersecurity environment.
  • Mentorship opportunities within the team for career growth.
  • Access to advanced security technologies and tools for skill enhancement.
Full Job Description
Security Monitoring and Response Specialist

Category: Cyber Security

Main location: Canada, Ontario, Toronto

Alternate Location(s): Canada, Ontario, Ottawa
Canada, British Columbia, Vancouver
Canada, Quebec, Montreal
Canada, Alberta, Calgary

Position ID:J0726-1036

Employment Type: Full Time

Position Description:

Location: This role can be located at any CGI office in Canada

The Security Monitoring Analyst is part of CGI's Global Security Operations Center (GSOC), which provides 24/7 security monitoring, threat detection, and incident response capabilities across the organization.
As a member of GSOC, the Security Monitoring Analyst is responsible for monitoring, analyzing, triaging, and responding to security events to identify and mitigate cyber threats in real time. The role also contributes to the continuous improvement of CGI's security operations by refining detection capabilities, enhancing monitoring processes, and strengthening the organization's overall security posture.
Working within a global team, the Security Monitoring Analyst collaborates closely with Detection Engineering, Threat Intelligence, Incident Response, Security Engineering, and other cybersecurity teams to investigate threats, improve detection content, and support effective security operations.
This role requires a solid understanding of cybersecurity principles, including threat actor tactics, techniques and procedures (TTPs), computer networking fundamentals, operating systems, common attack vectors, and modern threats and vulnerabilities. The successful candidate will be able to analyze security events from a variety of sources, distinguish between legitimate and malicious activity, and respond effectively in a fast paced operational environment.
The ideal candidate will possess strong analytical and problem solving skills, excellent communication abilities, and a passion for cybersecurity. They will demonstrate a continuous learning mindset and be committed to staying current with the evolving threat landscape and emerging security technologies.

Your future duties and responsibilities:

. Monitor security alerts and events from a range of security technologies, including SIEM, EDR, email security, network security, and cloud security platforms.
. Analyse, triage, and investigate security alerts to determine their severity, scope, and potential business impact.
. Respond to security incidents in accordance with established playbooks, procedures, and service level agreements (SLAs).
. Escalate confirmed or suspected security incidents to Incident Management and Response teams, providing clear documentation and supporting evidence.
. Contribute to the development and continuous improvement of operational processes, playbooks, and standard operating procedures.
. Stay informed of the latest cyber threats, threat actor tactics, techniques and procedures (TTPs), vulnerabilities, and industry best practices.
. Collaborate with Threat Intelligence, Detection Engineering, Threat Hunting, Security Engineering, and Incident Response teams to improve detection and response capabilities.
. Assist in identifying opportunities to improve automation and tune detection rules.
. Communicate investigation findings and technical information clearly to both technical and non technical stakeholders.
. Ensure all activities are performed in accordance with CGI security policies, standards, and regulatory requirements.
. Mentor and support junior analysts, providing coaching, guidance, and constructive feedback to develop their technical, analytical, and professional skills.

Required qualifications to be successful in this role:

. Experience working in a Security Operations Centre or equivalent cybersecurity operational role, or demonstrable hands on experience investigating security events through academic, military, apprenticeship, or industry experience.
. Experience monitoring, analysing, and investigating security alerts across a variety of security technologies.
. Good understanding of cyber threat actor tactics, techniques and procedures (TTPs), including the MITRE ATT&CK framework.
. Knowledge of common attack vectors, malware, phishing, identity based attacks, and modern cyber threats.
. Understanding of networking concepts and protocols, including TCP/IP, DNS, HTTP/S, SMTP, VPNs, and firewalls.
. Knowledge of Windows, Linux, and Active Directory security fundamentals.
. Experience using security technologies such as SIEM, Endpoint Detection and Response (EDR), email security, cloud security, or network detection tools.
. Strong analytical, problem solving, and investigative skills with the ability to make risk based decisions.
. Excellent written and verbal communication skills, including the ability to document investigations clearly.
. Ability to work effectively in a collaborative, global team environment.
. A proactive approach to learning and keeping current with the evolving cybersecurity landscape.
. Experience with AI technologies, including generative AI and machine learning solutions, is desirable.

QUALIFICATIONS & CERTIFICATIONS

. Degree in Cyber Security, Computer Science, Information Technology, or a related discipline, or equivalent practical experience.
. Relevant industry certifications are desirable, including one or more of:
. CompTIA Security+
. CompTIA CySA+
. Microsoft SC 200: Security Operations Analyst
. Microsoft AZ 500: Azure Security Engineer
. GIAC Certified Incident Handler (GCIH)
. GIAC Certified Intrusion Analyst (GCIA)
. ISC2 Certified in Cybersecurity (CC)
. CISSP

CGI is providing a reasonable estimate of the pay range for this role. The determination of this range includes factors such as skill set level, geographic market, experience and training, and licenses and certifications. Compensation decisions depend on the facts and circumstances of each case. A reasonable estimate of the current range is $60,000-110,000. This role is an existing vacancy

#LI-AB19

Skills:
  • Active Directory Security
  • Analytical Thinking
  • Collaboration
  • Incident response
  • Linux
  • Security Operations Center
  • Threat Risk Assessment


Similar Jobs

More Jobs at CGI

  • Maintenance Supervisor
    $62K — $139K *
    Colorado Springs, CO 80918 (El Paso County)
    Aerospace & Defense
    In-Person
  • Junior DevOps Engineer
    $79K — $176K *
    Arlington, VA 22204 (Arlington County)
    Aerospace & Defense
    In-Person
  • Analyste Fonctionnel
    $75K — $130K *
    Montreal, QC H1A 0A1
    Finance & Insurance
    In-Person
  • Data Architect
    $100K — $176K *
    Dallas, TX 75217 (Dallas County)
    Information Technology
    In-Person
  • Data Architect
    $100K — $176K *
    Strongsville, OH 44136 (Cuyahoga County)
    Information Technology
    In-Person

More Information Technology Jobs

Find similar Security Monitoring and Response Specialist jobs: