Job Information
Incident Response Manager
20 Days Ago
Job Category: Computer/IT
Job Type: Full-Time
Posted: 2021-02-05
Job Status
Start Publishing: 2021-02-05
Stop Publishing: 2021-02-26
Twitter Share on facebook


CGI is more than just an IT consulting company; we are a global organization offering a world of opportunities. Become part of an outstanding culture that gives you the freedom to innovate, influence decisions, achieve your full potential, and chart your own career! Our benefits include a share purchase program, profit sharing, wellness credits, training and development programs and flexible work schedules.

The Incident Response Manager is an integral part of the Global SOC which conducts cyber research, threat hunting, incident response, forensics analysis, red team operations, malware reverse engineering and innovations for CGI. This critical role requires a detailed understanding of cyber security and in-depth knowledge of computer networking fundamentals, modern threats and vulnerabilities, attack methodologies, threat actors and forensics methodologies and tools. This position is responsible for leading and conducting highly technical incident response engagements, setting the incident response plan, and collaborating with GSOC team in the correct application of incident response processes within CGI. If you are a highly effective communicator who thrives in a fast-paced, dynamic environment, this could be the perfect opportunity for you!

Your future duties and responsibilities
Incident Response:
• Provide technical leadership and conduct incident response engagements
• Develop incident response strategies, paying particular attention to industry standard methodologies and advances in technology and cyber security
• Perform sophisticated digital forensic, host-based or network analysis during an investigation
• Act as the senior subject matter expert during security incidents
• Work closely with other teams to provide mitigation recommendations to reduce the overall security risk within the organization
• Provide suggestions and feedback to improve the overall capabilities of the SOC team
• Handle incidents until resolution
• Perform basic reverse engineering on malware using dynamic and static analysis

• Perform forensic collection of endpoint or network evidence with forensically sound procedures, document evidence handling with chain-of-custody procedures, and conduct forensic investigations to industry standard methodologies
• Perform advanced “Threat Hunting” for unknown cyber security events in order to find, identify and categorize advanced cyber threats

• Monitor alerts generated and escalated by GSOC monitoring technologies or Level 2 / 3 Analysts
• Research trends in new security threats, technologies and regulations; advise and train team members to maintain awareness
• Monitor automated tool output and conduct spot checks for accuracy

• Conduct preliminary incident triage according to the Security Incident Management Triage Matrix and set the priority accordingly
• Determine and classify the severity of alerts; assess potential impacts of classification as defined in knowledge base
• Validate triage conducted by Level 2 / 3 Analysts and automated tools
• Report potential security incidents
• Analyze and respond to security events and incidents from monitoring technologies or escalated by Level 2 / 3 Analysts
• Mentor Level 2 / 3 Analysts; review and advise on standard operating procedures and training documentation
• Work with CGI’s ITSM system during incident handling and triage innovation
• Develop, build and integrate internal tools to augment and automate capabilities of the Global SOC to detect, respond and mitigate cyber security threats
• Conduct research within the fields of Incident Response, Forensics and Threat Hunting to develop new strategies against threats

• Provide strong technical leadership and guidance to Level 2 / 3 Analysts
• Train and mentor Level 2 / 3 Analysts to improve their technical skills
• Review, modify and create the standard operating procedures used by Level 2 / 3 Analysts

Required qualifications to be successful in this role
• Minimum of 6 years’ experience working in a similar cybersecurity role
• Recognized Cyber Security professional within forensics, incident response or threat hunting
• Demonstrable experience leading incident response engagements and teams
• SME in at least two of the following areas:
• Advanced Threat Hunting
• Malware Analysis
• Reverse Engineering

Education & Certifications:
• Degree in IT Security, Engineering or Technology related fields
• Proven certifications in cybersecurity-related disciplines. (e.g. SANS)
• Certified in Incident Response and/or Forumsics


Apply Now