Incident Response Lead
CGI UK Careers - Be Part of Our Story
If you’re ahead of the game on systems risk and cyber security, we can secure your career ambitions. At CGI, our Security Experts are trusted to work closely with a wide range of clients on exciting projects with real-world purpose and impact. CGI was recognised in the Sunday Times Best Places to Work List 2023 and has been named one of the ‘World’s Best Employers’ by Forbes magazine. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a member not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring more women to pursue careers in our sector. We won ‘Best Tech Employer’ at the 2022 Women in Tech Employer Awards.
Your future duties and responsibilities:
The Incident Response Lead is part of the Global SOC which conducts Cyber research, threat hunting, incident response, forensics analysis, red team operations, malware reverse engineering and innovations.
This role requires a thorough understanding of Cyber security and in-depth knowledge and experience around computer networking fundamentals, modern threats and vulnerabilities, attack methodologies, threat actors and forensics methodologies and tools.
• Provide technical leadership and conduct incident response engagements as required at the direction of the Head of Incident Response or Head of Cyber Monitoring and Response (Blue Team)
• Help to develop incident response within the Global SOC, paying particular attention to best practices and advances in technology or cyber security
• Perform Advanced Digital Forensics Analysis, Host based or Network analysis as required during an investigation
• Act as the senior subject matter expert where required during security incidents
• Work closely with other teams to provide mitigation recommendations to reduce the overall security risk within the organization
• Provide ideas and feedback to improve the overall SOC capabilities or maturity (focus on people and processes)
• Work until incident resolution or as directed by the Head of Incident Response or the Head of Cyber Monitoring and Response (Blue Team)
• Perform basic reverse engineering on malware using dynamic and static analysis
Required qualifications to be successful in this role:
• Experience in working in a similar Cyber Security role or associated discipline
• Be a recognized Cyber Security professional within Forensics, Incident Response or Threat Hunting within your region or business unit
• Previous Experience Leading Incident Response Engagements
• Strong understanding of the following:
• Networking fundamentals (all OSI layers, protocols, etc.)
• Windows/Linux/Unix operating systems
• Incident Response methodologies and tools
• Operating system and software vulnerabilities and exploitation techniques
• SIEM experience (e.g. ArcSight, Splunk, Logpoint, Elastic)
• Host analysis experience with forensics/EDR tools (e.g. EnCase, FireEye, Carbon Black, RSA ECAT, CrowdStrike, Endgame)
• Network analysis experience with network sensors (e.g. FireEye, Cisco, Fortinet, Trend Micro)
• Malware Analysis (Static Analysis or Dynamic Analysis of captured file, Reverse Engineering)
• Experience of utilizing threat intelligence sources
• Penetration testing experience
• Experience with one or more of the following programming languages: C/C++, Python, Ruby, Assembly, Perl, C#
• Experience with script languages such as Bash, PowerShell, Perl, Python
• User investigations, behavioral analysis technology and/or processes
• Experience with Insider Threat Investigations from a forensic approach
What you can expect from us:
Insights you can act on
While technology is at the heart of our clients’ digital transformation, we understand that people are at the heart of business success.
When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees “members” because they are CGI shareholders and owners, and, as owners, we enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today—one of the world’s largest independent providers of IT and business consulting services.
At CGI, we recognize the richness that diversity brings. We strive to create a work culture where everyone belongs, and we collaborate with clients in building more inclusive communities. As an equal opportunity employer, we empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.
Ready to become part of our success story? Join CGI—where your ideas and actions make a difference.