Cyber Investigations Analyst
Role details
Job location
Tech stack
Job description
We are looking for a Cyber Investigations Analyst to support insider threat detection, investigation, and response efforts. This role focuses on identifying and analyzing both technical and behavioral risks within an organization. The analyst will conduct end-to-end investigations, including triaging alerts, collecting and analyzing evidence, building timelines, and documenting findings in line with established standards.
In addition to investigations, the role involves proactive threat hunting using SIEM tools and enterprise telemetry. The analyst will work closely with cross-functional teams to address insider risk scenarios such as data theft, fraud, sabotage, espionage, and accidental data exposure. Success in this role requires a strong understanding of SOC operations, networking fundamentals, and the ability to identify patterns of suspicious behavior.
We partner with 15 of the top 20 banks globally, and our top 10 banking clients have worked with us for an average of 26 years!.
This role is located at a client site in Reston, VA. A hybrid working model is acceptable.
Your future duties and responsibilities:
We are looking for a Cyber Investigations Analyst to support insider threat detection, investigation, and response efforts. This role focuses on identifying and analyzing both technical and behavioral risks within an organization. The analyst will conduct end-to-end investigations, including triaging alerts, collecting and analyzing evidence, building timelines, and documenting findings in line with established standards.
In addition to investigations, the role involves proactive threat hunting using SIEM tools and enterprise telemetry. The analyst will work closely with cross-functional teams to address insider risk scenarios such as data theft, fraud, sabotage, espionage, and accidental data exposure. Success in this role requires a strong understanding of SOC operations, networking fundamentals, and the ability to identify patterns of suspicious behavior.
Requirements
3+ years of relevant experience in cybersecurity, SOC operations, or investigative roles
. Hands-on experience with SIEM platforms and log analysis
. Strong understanding of networking fundamentals (TCP/IP, DNS, HTTP/S)
. Familiarity with SOC operations and incident response workflows
. Ability to conduct structured, end-to-end investigations
. Experience with threat hunting and hypothesis-driven analysis
. Knowledge of insider threat scenarios (e.g., data exfiltration, fraud, sabotage)
. Strong analytical thinking and attention to detail
. Clear documentation and reporting skills
. Ability to collaborate across teams and communicate findings effectively
. Background in cybersecurity or digital investigations is highly beneficial., Bachelor's degree in Computer Science, Information Systems, or a related field.?, * Fraud Management
Benefits & conditions
CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. To support the ability to reward for merit-based performance, CGI typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $90,200.00 - $136,400.00.
CGI's benefits are offered to eligible professionals on their first day of employment to include:
. Competitive compensation
. Comprehensive insurance options
. Matching contributions through the 401(k) plan and the share purchase plan
. Paid time off for vacation, holidays, and sick time
. Paid parental leave
.Learning opportunities and tuition assistance
. Wellness and Well-being programs
