CARE Alert Monitoring Analyst - U.S. Citizenship Required
About The Position
CGI is one of the top five largest global IT companies, operating across 40 countries and offering endless opportunities to expand and grow. As a CGI Federal member, you will have the opportunity to become a CGI shareholder and join a family of 90,000 members strong. CGI Federal has an exciting opportunity for a Next-Gen Alert Monitoring Analyst (AMA) to join the CDM shared services program. You will be part of the Cyber Analysis and Research Engineering (CARE) security team, working to improve the security posture of a wide range of agencies by identifying and helping to mitigate cyber risks. We are looking for a skilled professional to actively monitor activity across networks, endpoints, and applications; identify potential security threats through log analysis and alert investigations; and respond to security alerts by analyzing suspicious behavior, correlating data across multiple systems, and escalating critical issues to the appropriate teams. A strong understanding of network protocols, application security, and intrusion detection is essential. This position is located in one of CGI Federal's offices in Fairfax, VA or Lafayette, LA; however, a hybrid working model is acceptable. You will be required to work in a CGI Federal office two days per week.
Requirements
- The Alert Monitoring Analyst should acquire and maintain (through continuing education credits) at least two of the following certifications:
- Security+ and Network+
- Elastic or Splunk Certified Engineer
- Certified Ethical Hacker (CEH)
- CompTIA Advanced Security Practitioner (CASP+)
- SANS GIAC Incident Handler (GCIH)
- EC-Council Certified Incident Handler (E|CIH)
Nice To Haves
- Team-oriented with excellent attention to detail
Responsibilities
- Interpret and investigate incidents to understand impact and threat mechanisms, and map associated tactics, techniques, and procedures (TTPs).
- Actively monitor logs and dashboards that pull data from network, application, and endpoint sensors.
- Identify potential security threats through log analysis and alert investigations and respond to alerts by analyzing suspicious activity.
- Correlate data across different systems and escalate critical issues to the appropriate teams.
- Own the response and remediation portion of every alert.
- Ensure each alert description and CARE recommendation is clearly articulated to both technical and management personnel.
- Develop appropriate response actions as part of guided response activities for agencies in the context of specific security incidents.
- Engage with agencies through established communication channels to guide them through response actions.
- Develop possible remediation plans for specific security incidents and document them as part of playbooks.
- Create response and remediation templates.
- Collaborate with Threat Intelligence Analysts to develop technical notes and agency advisories.
- Provide subject matter expertise for effective EDR, Mobile Threat Management, and IDaaS implementations.
- Assist with response and recovery actions when appropriate.
- Document lessons learned and best practices as part of daily operations and review them with CARE Directors.
- Validate each alert to determine true positive status.
- Assist CARE Directors with executing the CARE mission and vision.
Benefits
- Competitive compensation
- Comprehensive insurance options
- Matching contributions through the 401(k) plan and the share purchase plan
- Paid time off for vacation, holidays and sick time
- Paid parental leave
- Learning opportunities and tuition assistance
- Wellness and well-being programs
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
5,001-10,000 employees
