Find Job

vulnerability assurance AnalystCGI

Salary: Agreement
Work form: Full time
Posting Date: 14/01/2026
Deadline: 13/07/2022

This job has expired, you can refer to some similar jobs here:


Position Description: The Vulnerability Management Analyst is part of the Global Security Shared Services Center (GSOC), helping to build, contribute and delivery the CGI's Vulnerability Management Program. The Analyst demonstrates an in-depth unde Position Description: The Vulnerability Management Analyst is part of the Global Security Shared Services Center (GSOC), helping to build, contribute and delivery the CGI's Vulnerability Management Program. The Analyst demonstrates an in-depth understanding of Cyber security and in-depth knowledge and experience around computer networking fundamentals, modern threats and vulnerabilities, attack methodologies, threat actors and Vulnerability Management. In addition, this position requires the ability to communicate, in both verbal and written forms, technical information in a non-technical manner toward the business. The individual is responsible to perform assessment to different solutions in corporate and vendor solution that are in scope of the CGI Internal and Shared Services. Some of these measures include, but are not limited to, assessing infrastructure devices, advise on redefining policies & standards, awareness training for internal team members, and providing best practices to the business. Your future duties and responsibilities: Operations .Assess vulnerabilities identified by infrastructure scan on a daily basis .Interact with multiple global teams (security architecture, penetration testing, application development, Risk Officers, etc.) .Participate collecting, assessing, and cataloging threat indicators .Deliver security advisory to business and project stakeholders to remediate the risk findings, document and track the open risks to closure, and enable the leaders in making risk-based decisions to support CGI's business needs .Lead security assessments by collaborating with cross-functional teams for web/mobile application security testing, infrastructure security scanning, and identity/access SSO integration, legal/data privacy team, etc. .Review and define requirements for information security solutions Vulnerability Management .Monitor, identify and assess security vulnerability advisories .Prioritize vulnerabilities discovered along with remediation timeline(s) .Collaborate with members of the team to maintain documentation defining Vulnerability Management process .Develop risk-based mitigation strategies for networks, operating systems, and applications .Review and define requirements for information security solutions .Manage regular and ad-hoc vulnerability assessments and perform conduct analysis and validation .Promote collaboration with our stakeholders and Red Team researchers to prioritize the remediation of vulnerabilities and close potential attack vectors Reporting .Report and provide recommendations based on the vulnerability analysis .Provide vulnerability analysis and produce reports for management .Compile and track vulnerabilities and mitigation results to quantify program effectiveness .Develop metrics and capabilities to ensure effective vulnerability management Required qualifications to be successful in this role: Education .Master's Degree in IT, Security, Engineering or Technology is a major plus or related field Certifications .One or more of the following certifications: OSCP, OSCE, GPXN, GPEN, GWAPT, CREST Certified Simulated Attack Specialist (CCSAS) Experience .Expertise and strong experience (5+ years) in at least two of the following areas: Windows/Linux/Unix Operating Systems, Open-source and commercial offensive security tools, Red team exercises, Penetration testing, Social engineering tactics, Exploitation techniques .Knowledge of operational security tactics and techniques (exploits and evasion, persistence techniques, lateral movement, social engineering, etc.) .Experience with one or more scripting languages: Python, PowerShell, Ruby, etc. .Experience with one or more programming languages such as C#, etc. .Knowledge of advanced persistent threats .Experience participating in red team engagements .Knowledge of firewalls and other network security products .Experience with debuggers and disassemblers is an asset .Experience with developing Malleable C2 profiles .Experience in exploit development is an asset .Experience with infrastructure automation and testing with technologies: Ansible and Vagrant .Experience using virtualization and containerization in on premise environments as well as cloud environments .Experience with Elasticsearch, Logstash, and Beats and their respective configuration/customization .Knowledge of application, network and operating system security .Experience with vulnerability, patch assessment and scanning tools .Knowledge of vulnerability scoring systems (CVSS/CMSS) .Strong understanding of cyber security and risk management best practices Skills .Excellent English communication skills, both written and oral, French is a plus .Ability to deliver high quality reporting on technical issues identified and provide remediation guidelines to various audiences .Autonomous and self-motivated .Demonstrated ability to effectively collaborate with cross-functional virtual teams .Willing to travel internationally up to 10%, if required .Detail oriented, organized, methodical, follow up skills with an analytical thought process .Ability to learn new technologies .Ability to adapt to a dynamic environment #LI-LG1 What you can expect from us: Insights you can act on While technology is at the heart of our clients' digital transformation, we understand that people are at the heart of business success. When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees 'members' because they are CGI shareholders and owners and owners who enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today - one of the world's largest independent providers of IT and business consulting services. At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist. Ready to become part of our success story Join CGI - where your ideas and actions make a difference.
Monster

Other Info

Philippines
Permanent
Full-time

Submit profile

CGI

About the company

CGI jobs

Taguig, Metro Manila


Position vulnerability assurance Analyst recruited by the company CGI at , Joboko automatically collects the salary of , finds more jobs on Vulnerability Assurance Analyst or CGI company in the links above

About the company

CGI jobs

Taguig, Metro Manila

  • Employer support:
  • +84 962.107.888