Company Profile:
Founded in 1976, CGI is among the largest independent IT and business consulting services firms in the world. With 94,000 consultants and professionals across the globe, CGI delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at cgi.com.
Cybersecurity Lead Analyst - Microsoft Defender for Endpoints, Intune, Windows/Linux Administration
Taleo: 26000CK0
Experience: 8+ years relevant experience required.
Responsibilities:
1. MDE Platform Administration (Tenant-Level)
2. Server Onboarding & Offboarding (Windows & Linux) Design and operate scalable onboarding processes: Windows Server: MECM/SCCM, GPO, Intune, Azure Arc, scripts; ensure Sense EDR sensor and Defender Antivirus are properly configured (including passive mode transitions if 3rd-party AV present). Linux Server: Package-based installs (mdatp via apt/yum/zypper), onboarding scripts, repo configuration, proxy settings, and service validation. Maintain golden images / AMIs with pre-onboarding steps, device tagging, and machine groups. Operate offboarding flows (offboarding package/keys) for decom, M&A carve-outs, and cloud auto-scale lifecycles; reconcile stale/duplicate devices. Track coverage: % of in-scope servers onboarded, health status, and remediation of inactive/unhealthy devices.
1. Policy, Exclusions & Hardening Define/maintain AV policies, EDR in block mode, Attack Surface Reduction (ASR) rules, Network Protection, Controlled Folder Access (where server-appropriate). Implement file/path/process exclusions with risk-based justification, balancing performance and detection efficacy; periodic review, attestation, and removal of stale exceptions. Manage Indicators (IOCs), custom URL/Domain/IP indicators, and controlled testing with robust change control.
5. Operations & Support Operate day-to-day MDE tool support: ticket queue, troubleshooting onboarding/health/AV conflicts, performance tuning, and sensor/engine update issues. Partner with SOC/IR on incidents; drive endpoint containment, isolation support, evidence capture, and post-incident hardening actions.
8. Automation & Scale Build automation with PowerShell, Bash, Azure Automation, Azure DevOps/GitHub Actions, M365 Defender/Graph APIs
10. L3 must have a strong understanding of Microsoft Defender architecture, including Defender AV, MDE (EDR), XDR, Microsoft Sentinel, Intune, Entra ID, and Security Center.
11. Understand integration, dependencies, and behavioural impacts between Intune, Entra, Sentinel, and XDR, and how a change in one component affects the others.
Skill Set:
. 8+ years in Endpoint/Server Security or Infra Security with at least 4 years operating Microsoft Defender for Endpoint (server focus)
. Hands-on with Windows Server 2012R2–2022 and Linux
. Proven delivery of large-scale onboarding (GPO/MECM/Intune/Azure Arc/scripts) and Linux mdatp deployments.
. Strong with Defender AV, EDR in block mode, ASR rules, Indicators.
. Experience with Intune, MECM/SCCM, Microsoft 365 Defender, Defender for Cloud, Azure AD/Entra ID RBAC.
. Scripting/automation in PYTHON; familiarity with APIs/Graph/M365 Defender.
Location: Bangalore/Chennai
Life at CGI:
It is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons
Come join our team, one of the largest IT and business consulting services firms in the world.
Your future duties and responsibilities
Required qualifications to be successful in this role
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team—one of the largest IT and business consulting services firms in the world.
