CGI Technologies and Solutions, Inc. Tier II Security Operations Center Analyst in Huntsville, Alabama

Tier II Security Operations Center Analyst

CGI-experience the commitment


Category: Information Technology

City: Huntsville, Alabama, United States

Position ID: J0916-0812

Employment Type: Full Time


Position Description:

CGI Federal is seeking a Security Operations Center Security Specialist to support our Security Operations Center team based out of Huntsville, Alabama.

A Security Specialist needs to attain vast technical expertise, security experience, and business understanding. The duties and responsibilities of the SOC Security Specialist include many aspects of leadership and security knowledge.

Security Specialists are to stay abreast of security trends to provide actionable recommendations, implement these recommendations, and disseminate the information (as needed) to peers and leadership. Examining trends in daily operations and event data to determine emerging security threats allows them to pinpoint areas requiring improvement, such as staffing, training, processes, policies or technologies. Security Specialists will also research and apply techniques to centralize processes, automate repetitive tasks, and generate higher productivity from the team; this includes developing focused reporting and briefings for cyber threats.

The Security Specialist has the overall responsibility of providing training, knowledge, guidance, and direction for security awareness mitigations under the team’s operational scope. Security Specialists need to have an up-to-date understanding and knowledge of outstanding security issues, detection abilities, mitigation procedures, tools, and monitoring objectives within the SOC’s area of responsibility.

In the case of Incident Response, the Security Specialists are responsible for ensuring the proper completion of all incident response activities, primarily high priority, critical, and corporate visibility incidents. Security Specialists ensure the necessary documentation reports are generated and the proper guidance is provided for SOC members to meet SLA and deliverable requirements. Security Specialists need to provide a defined structure to prioritize and escalate issues and to establish proactive, rather than reactive, methods within the security team.

Your future duties and responsibilities:

• Understand and maintain the appropriate knowledge of Security Technologies (AV, FIM, HIPS, NIPS, SIEM, WAF/DAM, DLP), security procedures, and services within the SOC, as well as ensuring all tools are functioning properly.

• Perform post-incident reporting according to standard operations, as well as activities such as identifying what was done right and wrong, and identifying tools that may have helped the investigation and those that hindered it. Discuss with the responsible parties what could have been done better.

• Is responsible for designing or participating in the implementation of the technical solution/processes in compliance with the security standards and operational feasibility.

• Assist in developing and maturing the future services and capabilities of the SOC, such as Forensics, Threat Management, Penetration Assessments, Tool Management, and more.

• Ensure that all procedures and operations are carried out by the responsible parties.

• Perform incident triage to include determining scope, urgency, and potential impact.

• Assist Analysts in monitoring network traffic and security alerts for potential events/incidents, as well as trending and historical analysis; ensure all incident reports are complete and written within standard operations, and ensure ticket audits and reviews are completed.

• Provides support to security operational teams on escalated incidents, including troubleshooting, analysis and resolution. Act as a security representative for SDMs for high priority incidents.

• Provides oversight on incident handling to ensure all mitigation techniques are being achieved

• Ensure the transfer of knowledge between analyst shifts and leadership to provide an understanding of all updates, assignments, training, and SOC procedures.

• Act as an escalation point for event analysis and incident handling. Required to control and manage Critical incidents to ensure all standard operations are taking place.

• Develop focused reporting and briefings for advanced cyber threats

• Ensure event analysis and incident reports are documented and quality control is applied to ensure accuracy.

• Provides the training, time, guidance, direction, and administrative action to ensure that team responsibilities are completed at the best quality level possible.

• Document and maintain a knowledge base of alarms (false positives and false negatives, blacklists, whitelists) that IDS and IPS encounter.

• Serve as work area experts for security/information assurance policy recommendations.

• Gather intelligence from sources outside the SOC (both internal and external sources) and leverage for operations.

Required qualifications to be successful in this role:

Education or Experience

• Minimum of four (4) years of direct experience as a Security Analyst or SOC role within the last eight years, and demonstrated ability to carry out the functions of the job or any combination of education and experience, which would provide an equivalent background


• Experience and extensive knowledge of a SIEM and event analysis and information gathering

• Experience in leading Security Incident Handling procedures using SANS methodology

• Ability and experience in producing clear and concise technical writing, specifically in event analysis and incident handling documentation

• Experience in Intrusion Detection or Prevention Systems

• Experience with the TCP/IP stack, DNS, BGP and metadata.

• Knowledge of: TCP/IP, computer networking, routing and switching

• Experience in Linux/UNIX and Windows based devices at the System Administrator level

• Team player, excellent communication skills, good time management

• Organizational skills and the ability to work autonomously with attention to processes

• Ability to speak and communicate effectively with peers, management and clients

• Ability to speak and write fluently.


• SIEM experience with Splunk

• Forensics

• Content Management and development for Security technologies (AV, FIM, HIPS, NIPS, SIEM, WAF/DAM)

• Security +, Network +, CISSP, CEH, GCIA, GCIH, CISM, SPLUNK Training

• Knowledge and Experience of Security practices within an MSS environment.

• US Federal Government security clearance (Public Trust), or the ability to become cleared

• Experience in training and mentoring colleagues

Due to the government contract, the position requires candidates to be US Citizens with the ability to get a security clearance.


What you can expect from us:

At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 65,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. Come grow with us. Learn more at

This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.

We wish to thank all applicants for their interest and effort in applying for this position; however, only candidates selected for interviews will be contacted.

No unsolicited agency referrals please.

All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary depending upon specific assignment, or upon any US government security clearance if required. Qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability, veteran status, pregnancy, or other status protected by law. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI’s legal duty to furnish information.


  • Incident Management

  • Incident Response

  • Malware Engineering

  • Perl


In the US, CGI is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, ancestry, color, sex, religion, age, national origin, citizenship status, disability, protected veteran status, marital status, sexual orientation or perceived sexual orientation, gender identity, familial status, political affiliation, or any other classification protected by state or federal law.

CGI is committed to the principles of equal employment opportunity and to compliance with US laws and regulations. Click here at to access our US EEO/Affirmative action policy.

Applicants have rights under Federal Employment Laws:

  1. EPPA at

  2. FMLA at

  3. Consolidated EEO Is The Law at

If you need an accommodation in order to complete the application process, click here at .

We make it easy to translate military experience and skills! Click here at to be directed to our site that is dedicated to veterans and transitioning service members.