Company Profile:
At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company – one that has grown to 72,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients – and for our members. Come grow with us. Learn more at www.cgi.com.
This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans. We wish to thank all applicants for their interest and effort in applying for this position; however, only candidates selected for interviews will be contacted. No unsolicited agency referrals please.
Job Title: SOC Analyst
Position: Systems Engineer
Experience: 4+ yrs
Category: Networking
Main location: Bangalore
Position ID: J0426-0071
Employment Type: Full Time
Qualification: Bachelor’s degree in Computer Science or related field or higher with minimum 3 years of relevant experience.
Responsibilities:
The L2 SOC Analyst is responsible for advanced security monitoring, investigation, and incident response across enterprise environments. This role focuses on deep analysis of alerts, threat validation, escalation handling, and coordination with L3 teams, using tools such as Microsoft Defender, Microsoft Sentinel, Cofense, Proofpoint, and Splunk.
Key Responsibilities
Perform in-depth analysis and triage of security alerts escalated from L1 analysts.
Investigate security incidents across endpoints, email, network, and cloud environments.
Use Microsoft Defender (Defender for Endpoint, Defender for Office 365, Defender for Cloud) to analyze endpoint and identity-based threats.
Monitor, investigate, and respond to incidents using Microsoft Sentinel, including querying using KQL and tuning detection rules.
Analyze phishing and email-based threats using Cofense and Proofpoint, including malware, spoofing, and BEC incidents.
Perform log analysis and correlation using Splunk to identify anomalous behavior and advanced threats.
Validate true positives, identify root cause, and recommend remediation actions.
Handle incident escalation to L3 teams and coordinate with IT, IR, and infrastructure teams.
Support containment, eradication, and recovery activities during security incidents.
Create and update incident reports, playbooks, and SOPs.
Assist in use-case tuning, false-positive reduction, and dashboard improvements.
Participate in threat-hunting activities and continuous improvement initiatives.
Must-Have Skills:
3–6 years of experience in SOC operations or cybersecurity monitoring roles.
Strong hands-on experience with Microsoft Defender and Microsoft Sentinel.
Practical experience with Splunk for log analysis and investigations.
Experience handling phishing investigations using Cofense and Proofpoint.
Solid understanding of:
MITRE ATT&CK framework
Incident response lifecycle
Malware, ransomware, phishing, and credential-based attacks
Experience with KQL (Sentinel) and SPL (Splunk) is preferred.
Strong analytical and documentation skills.
Preferred Certifications
Microsoft SC-200 (Security Operations Analyst)
Splunk Core Certified Power User / Enterprise Security
GIAC (GCIA, GCIH) or equivalent
CEH / CySA+ (optional)
CGI is an equal opportunity employer. In addition, CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs.
Your future duties and responsibilities
Required Qualifications To Be Successful In This Role
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team—one of the largest IT and business consulting services firms in the world.
L2 SOC Analyst
Shift & Other Requirements
Willingness to work in 24×7 shifts (if required).
Strong communication skills for stakeholder and client interactions.
Together, as owners, let’s put our expertise to work.
Life at CGI is rooted in ownership, teamwork, respect and a sense of belonging. Here, you will be able to reach your full potential because…
We invite you to become an owner from day 1 as we work together to make our dream a reality. That is why we call ourselves CGI partners rather than employees. We benefit from the rewards of our collective success and actively contribute to our company’s direction and strategy.
Your work creates value. You will develop innovative solutions and build lasting relationships with your colleagues and clients, while having access to global capabilities to bring your ideas to life, seize new opportunities, and benefit from leading-edge industry and technology expertise.
You will advance your career by joining a company built to grow and last. You will be supported by leaders who care about your health and well-being and who will give you opportunities to hone your skills and broaden your horizons.
Join us, one of the largest information technology (IT) and management consulting firms in the world.