Automation, Reporting, & Content Development Engineer
About The Position
CGI Federal is a leader in providing IT and cybersecurity solutions, dedicated to supporting mission‑critical federal government initiatives. We are committed to enhancing national security and strengthening government operations through innovative technology, advanced analytics, and expert collaboration. In this role, you will play a key part in delivering secure, modern, and resilient solutions that empower our federal government client's mission. Drive the SOC's analytics lifecycle—detections, dashboards, KPIs, metrics, automation, correlation, and TTP documentation—to convert signals into insight and insight into action. This position is located in our Knoxville, TN office; however, a hybrid working model is acceptable
Requirements
- 3-5 years in threat analytics/SOC content; NetFlow/log analysis; scripting/data visualization.
- Experience across SIEM/EDR/DLP/cloud telemetry and BI/reporting tools.
- Security clearance: Ability to obtain/maintain a Public Trust (or higher per client).
- US Citizenship or Green Card Required, with eligibility to obtain a public trust clearance.
Nice To Haves
- Bachelor's; GCTI or equivalent helpful.
Responsibilities
- Build detection analytics, dashboards, trend and KPI reporting (MTTD/MTTR, resolution and false‑positive rates).
- Automate enrichment/reporting; perform incident correlation and attack‑lifecycle visualization.
- Document TTPs; prioritize countermeasures and produce executive recommendations.
Benefits
- Competitive compensation
- Comprehensive insurance options
- Matching contributions through the 401(k) plan and the share purchase plan
- Paid time off for vacation, holidays, and sick time
- Paid parental leave
- Learning opportunities and tuition assistance
- Wellness and Well-being programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
