SOC Analyst

Position Description

At CGI, you will play a vital role in protecting critical systems and enabling secure digital transformation for high-profile clients. Working within our Cyber Security Service, you will help detect, analyse, and respond to evolving threats, contributing to resilient, high-performing environments. We combine proven tools with advanced technologies to deliver measurable impact, while fostering a culture where you are trusted to take ownership, encouraged to innovate, and supported to grow your expertise. This is an opportunity to develop hands-on capability, influence security outcomes, and be part of a collaborative team shaping the future of cyber defence.

CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named a UK 'Best Employer' by the Financial Times. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go.

The SOC Analyst will be joining an established SOC Team of eight years. The SOC analyst will be the first to respond to cyber security incidents. They will be required to report on cyber threats and will work as part of an expanding security team, working alongside security managers and cybersecurity engineers. . The SOC utilise both tried and tested tooling and state of the art technologies and methods to ensure we provide the best level of service and protection to our prestigious list of clients. Our client base covers a wide range of verticals from Government, MOD and CNI through to companies that are easily recognisable as household names.

The SOC is a 24x7x365 operation therefore the SOC Analyst Team works shifts on a 2 Days, 2 Nights 4 Rest Days. This is a Hybrid Working position where the dayshift is operated from a CGI office. Therefore it is expected that two days per week will be spent in an office with colleagues.

Security Clearance Required. Due to the nature of the work and the security clearance required we can only accept UK Nationals with single nationality

Your future duties and responsibilities

The role will require someone with an analytical mindset and a keen eye for detail to investigate alerts, piece together information to build a bigger picture and provide suitable remediation steps for customers.

Monitoring our SIEM (Security Incident and Event Management) and SOAR (Security Orchestration, Automation and Response) tools to detect suspicious events and abnormal activities.
. Triaging events through validating suspicious events and incidents by use of dedicated tools.
. Ability to escalate with effective reporting to level 3 SOC Analyst or Seniors Stakeholders.
. Documenting and managing incident cases to utilise information for stakeholder engagement to provide insight and intelligent recommendations.
. Providing incident management through effective monitoring, reporting and technical guidance for successful resolution.
. Production of the monthly security reports.

Required qualifications to be successful in this role

. Be willing to learn how to resolve technical issues.
. Demonstrate an interest in Cyber Security.
. Be detail orientated and show the ability to take a structured approach to procedures and working instructions.
. Have an aptitude for understanding and analysing data for troubleshooting purposes.
. Strong written communication, critical thinking, and analysis skills.
. Understanding of key security concepts and attack types such as phishing, malware, vulnerabilities, Cyber Kill Chain, and attack stages.
. Understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP
. An analytical mindset, capable of digesting a wide range of information and making practical judgements based on available data and context.
. A desire to keep learning with a curious and creative mindset.
. Knowledge of Security Tooling (ArcSight, Splunk, MS Sentinel, FortiSIEM, SwimLane, QRadar LogPoint)

#LI-JS2

Together, as owners, let's turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because...

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction.

Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our team-one of the largest IT and business consulting services firms in the world.