Cyber Automation

Cyber Automation

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you'd like, where you'll be supported and inspired by?a collaborative community of colleagues around the world, and where you'll be able to reimagine what's possible. Join us and help the world's leading organizations?unlock the value of technology and build a more sustainable, more inclusive world.

Job Description

Job Responsibilities

Security Monitoring & Incident Response

·?????? Monitor alerts and security events generated from Microsoft Sentinel, Defender for Cloud, Defender for Endpoint, Defender for Identity, and other SOC tools.

·?????? Perform initial triage, correlation, and investigation of security incidents to determine severity and impact.

·?????? Escalate confirmed incidents and support containment, eradication, and recovery actions.

·?????? Document incident response steps, root-cause analysis, and lessons learned.

·?????? Maintain 24×7 situational awareness coverage through rotating on-call or shift responsibilities as required.

Threat Detection & Analysis

·?????? Conduct proactive threat hunting using Sentinel analytics, KQL queries, and custom detection rules.

·?????? Analyze logs and telemetry from endpoints, firewalls, Azure resources, and AVD hosts for anomalous activity.

·?????? Identify potential indicators of compromise (IOCs) and emerging threats within the Azure Government and M365 GCC-High ecosystems.

·?????? Recommend tuning improvements to detections and correlation rules to reduce false positives.

Vulnerability & Patch Management

·?????? Support regular vulnerability scans, review results, and track remediation activities.

·?????? Collaborate with infrastructure and Intune teams to validate patch compliance across AVD and Windows 365 assets.

·?????? Monitor Defender Vulnerability Management dashboards and report high-risk exposures to leadership.

·?????? Assist in maintaining asset inventories, vulnerability baselines, and patch metrics.

Compliance, Audit, & CMMC Level 2 Support

·?????? Support ongoing CMMC Level 2 and NIST SP 800-171 compliance efforts through control monitoring, evidence collection, and reporting.

·?????? Maintain and update security-related documentation, including incident response plans, SIEM configurations, and POA&M items.

·?????? Provide input to the System Security Plan (SSP) on monitoring and incident response controls.

·?????? Participate in internal audits, tabletop exercises, and compliance reviews to ensure readiness.

Tool Administration & Optimization

·?????? Administer SOC and security tools such as Microsoft Sentinel, Defender for Cloud, and Defender for Endpoint.

·?????? Develop custom Sentinel workbooks, dashboards, and KQL queries for enhanced visibility.

·?????? Integrate alerts with ServiceNow for incident and change management workflows.

·?????? Support automation initiatives using Logic Apps, Playbooks, or PowerShell to streamline incident response.

Reporting & Continuous Improvement

·?????? Produce daily and weekly SOC summaries, incident metrics, and trend analyses.

·?????? Deliver executive-level reports summarizing threat activity, vulnerabilities, and remediation progress.

·?????? Recommend improvements to SOC processes, escalation procedures, and documentation standards.

·?????? Stay current on evolving threats, tools, and Microsoft security technologies applicable to Azure Government environments.

Job Description - Grade Specific

Required Qualifications

Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.

Experience:

·?????? ?3+ years of experience in cybersecurity or SOC operations.

·?????? ?1+ years working with Microsoft Sentinel, Defender for Cloud, and Defender for Endpoint.

·?????? ?Experience in Azure Government and Microsoft 365 GCC-High environments.

·?????? ?Practical experience in log analysis, incident response, and SIEM management.

·?????? ?Familiarity with compliance frameworks including CMMC Level 2, NIST SP 800-171, and FedRAMP High.

Technical Skills:

·?????? ?Proficiency with KQL (Kusto Query Language) and Sentinel analytics.

·?????? ?Strong understanding of network security, endpoint protection, and cloud security monitoring.

·?????? ?Experience integrating alerts and workflows into ServiceNow or similar ITSM tools.

·?????? ?Knowledge of Active Directory, Entra ID (Azure AD), and conditional access policies.

Soft Skills: Excellent analytical, investigative, and communication skills; strong documentation discipline and attention to detail;

U.S. Citizenship required (for access to GCC-High and Azure Government environments).

Desired Qualifications

·?????? Microsoft Certified: Cybersecurity Architect Expert or Azure Administrator Associate.

·?????? Security+ (CompTIA), Microsoft Certified: Security Operations Analyst Associate, or equivalent.

·?????? GIAC (GCIH, GCIA) or CISSP certification.

·?????? Experience working with Defender for Identity, Purview, and Conditional Access policy design.

·?????? Background in automation (Logic Apps, Power Automate, or PowerShell).

·?????? Prior SOC experience supporting Federal or Defense Industrial Base (DIB) clients.

·?????? Familiarity with incident ticket workflows, evidence collection, and reporting for CMMC Level 2 audits.

The base compensation range for this role in the posted location is: $67,744-$147,804.

Capgemini provides compensation range information in accordance with applicable national, state, provincial, and local pay transparency laws. The base compensation range listed for this position reflects the minimum and maximum target compensation Capgemini, in good faith, believes it may pay for the role at the time of this posting. This range may be subject to change as permitted by law.

The actual compensation offered to any candidate may fall outside of the posted range and will be determined based on multiple factors legally permitted in the applicable jurisdiction.

These may include, but are not limited to: Geographic location, Education and qualifications, Certifications and licenses, Relevant experience and skills, Seniority and performance, Market and business consideration, Internal pay equity.

It is not typical for candidates to be hired at or near the top of the posted compensation range.

In addition to base salary, this role may be eligible for additional compensation such as variable incentives, bonuses, or commissions, depending on the position and applicable laws.

Capgemini offers a comprehensive, non-negotiable benefits package to all regular, full-time employees. In the U.S. and Canada, available benefits are determined by local policy and eligibility and may include:

• Paid time off based on employee grade (A-F), defined by policy: Vacation: 12-25 days, depending on grade, Company paid holidays, Personal Days, Sick Leave

• Medical, dental, and vision coverage (or provincial healthcare coordination in Canada)

• Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada)

• Life and disability insurance

• Employee assistance programs

• Other benefits as provided by local policy and eligibility

Important Notice: Compensation (including bonuses, commissions, or other forms of incentive pay) is not considered earned, vested, or payable until it becomes due under the terms of applicable plans or agreements and is subject to Capgemini's discretion, consistent with applicable laws. The Company reserves the right to amend or withdraw compensation programs at any time, within the limits of applicable legislation.

Disclaimers

Capgemini is an Equal Opportunity Employer encouraging inclusion in the workplace. Capgemini also participates in the Partnership Accreditation in Indigenous Relations (PAIR) program which supports meaningful engagement with Indigenous communities across Canada by promoting fairness, accessibility, inclusion and respect. We value the rich cultural heritage and contributions of Indigenous Peoples and actively work to create a welcoming and respectful environment. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.

This is a general description of the Duties, Responsibilities and Qualifications required for this position. Physical, mental, sensory or environmental demands may be referenced in an attempt to communicate the manner in which this position traditionally is performed. Whenever necessary to provide individuals with disabilities an equal employment opportunity, Capgemini will consider reasonable accommodations that might involve varying job requirements and/or changing the way this job is performed, provided that such accommodation does not pose an undue hardship. Capgemini is committed to providing reasonable accommodation during our recruitment process. If you need assistance or accommodation, please reach out to your recruiting contact.

Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.

Click the following link for more information on your rights as an Applicant in the United States.

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.

Ref. code: 497339

Posted on: Jun 5, 2026

Experience Level: Experienced Professionals

Contract Type: Permanent

Location:

Irving, TX, US

Brand: Capgemini

Professional Community: Cybersecurity

Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status or any other characteristic protected by law.