Overview
On Site
Full Time
Skills
Information system security
Risk management framework
Certification and accreditation
Attention to detail
NIST 800-53
Information systems
Information security
Information security governance
Implementation management
System security
Risk assessment
Corrective and preventive action
Continuous monitoring
Configuration Management
IT security
Cloud security
Network design
Network monitoring
Trend Micro
Organizational skills
Government contracts
CGI
Regulatory Compliance
National Institute of Standards and Technology
FedRAMP
Design
Policies
Documentation
Customer relationship management
Management
Auditing
Content management
Computer hardware
Firmware
IMPACT
Reporting
Presentations
Amazon Web Services
Microsoft Azure
Writing
Nessus
Cloud computing
Communication
CISSP
CISM
Law
Training
DICE
Teamwork
Job Details
Information Systems Security Officer
Position Description
CGI Federal is seeking a qualified Cyber Information Security Analyst that will support the CGI Federal ISSO Support Team.. The CGI Federal Information System Security Officer (ISSO) provides guidance and oversight to project teams, client groups, and delivery teams in support of security governance and compliance for the services CGI Federal is delivering. The ISSO member will participate as part of a security team that supports projects information security needs to comply with Federal agency's comprehensive security program to include NIST Risk Management Framework and FedRAMP authorizations
Your future duties and responsibilities
The responsibilities of the Cyber Information Security Analyst include, but are not limited to:
Maintain operational security posture for an information system or program to ensure information systems security design, implementation, management and review of policies, standards, baselines, procedures, and guidelines are established and followed. Understand the business functions to help ensure business is conducted as securely as possible.
Create and review documentation to support Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and Client Responsibility Matrix (CRM)
Identify, manage and monitor POA&Ms, assisting Business Units or Clients in improving the quality and effectiveness of their POAMs. Provide guidance through remediation as well as develop corrective action plans for each POA&Ms.
Provide continuous monitoring and event-driven monitoring management services to include running adhoc or on demand scanning of project teams environment. Identify assets and associated vulnerabilities and provide recommendations for remediation. Ensure audit records and event logs are collected, reviewed, and documented (to include any anomalies) Document security breaches and assess their damage.
Provide configuration management (CM) for information system security software, hardware, and firmware; manage changes to system and assess the security impact of those changes.
Work with multiple teams and client project team members and establish and maintain a strong customer-focused working relationship. Assist the System Owner operate the system as securely as possible to fulfill mission requirements.
Establish and maintain regular written and in-person communications with the organization's executives, department heads and end users regarding pertinent security activities.
Keep up to date with developments in IT security standards and threats.
Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences.
Required qualifications to be successful in this role
Education or Experience:
Bachelor's eight (8) years of Cyber Information Security Analysis.
Experience with FedRAMP and NIST compliance.
Experience with cloud security for AWS, and Azure environments.
Experience with network architecture concepts, common ports and protocols, and network monitoring tools;
Experience with writing clear and concise technical documents specifically policies, processes, and procedural documentation;
Experience with Nessus and Trend Micro and Cloud Native Security Tool solutions.
Experience with container security tools.
Organizational skills and the ability to work autonomously with attention to detail and processes;
Excellent communication skills with experience providing incident briefings to peers, management and clients;
Excellent written skills with experience creating formal incident reports.
Industry recognized professional certification such as CISSP, CISM
Experience with NIST 800-53 Rev 5
Direct experience with certification and accreditation techniques and methodologies
AWS, AZURE, Google
Experience with container security.
Due to the nature of the government contracts this position requires ship.
This position can be located at any CGI office in the U.S., preferred location is Lafayette, LA or Knoxville, TN or Lebanon, VA. We are currently working in a hybrid model, coming into the office 2 days a week.
CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. To support the ability to reward for merit-based performance, CGI typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $97,000-$240,000k/ yearly.
At CGI Federal we call our professionals "members" to reinforce that all who join our team are owners and empowered to participate in the challenges and rewards that come from building a world-class company. CGI Federal's benefits include:
Eligibility to participate in an attractive Share Purchase Plan (SPP) in which the company matches dollar-for-dollar contributions made by eligible employees, up to a maximum, for their job category
401(k) Plan and Profit Participation for eligible members
Paid Time Off (PTO)
10 Standard Holidays
Health & Welfare Benefits as determined by your Service Contract Act
#CGIFederalJob
#Dice
#LI-AD1
Together, as owners, let's turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because...
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction.
Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team-one of the largest IT and business consulting services firms in the world.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at . You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned.
We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.
Position Description
CGI Federal is seeking a qualified Cyber Information Security Analyst that will support the CGI Federal ISSO Support Team.. The CGI Federal Information System Security Officer (ISSO) provides guidance and oversight to project teams, client groups, and delivery teams in support of security governance and compliance for the services CGI Federal is delivering. The ISSO member will participate as part of a security team that supports projects information security needs to comply with Federal agency's comprehensive security program to include NIST Risk Management Framework and FedRAMP authorizations
Your future duties and responsibilities
The responsibilities of the Cyber Information Security Analyst include, but are not limited to:
Maintain operational security posture for an information system or program to ensure information systems security design, implementation, management and review of policies, standards, baselines, procedures, and guidelines are established and followed. Understand the business functions to help ensure business is conducted as securely as possible.
Create and review documentation to support Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and Client Responsibility Matrix (CRM)
Identify, manage and monitor POA&Ms, assisting Business Units or Clients in improving the quality and effectiveness of their POAMs. Provide guidance through remediation as well as develop corrective action plans for each POA&Ms.
Provide continuous monitoring and event-driven monitoring management services to include running adhoc or on demand scanning of project teams environment. Identify assets and associated vulnerabilities and provide recommendations for remediation. Ensure audit records and event logs are collected, reviewed, and documented (to include any anomalies) Document security breaches and assess their damage.
Provide configuration management (CM) for information system security software, hardware, and firmware; manage changes to system and assess the security impact of those changes.
Work with multiple teams and client project team members and establish and maintain a strong customer-focused working relationship. Assist the System Owner operate the system as securely as possible to fulfill mission requirements.
Establish and maintain regular written and in-person communications with the organization's executives, department heads and end users regarding pertinent security activities.
Keep up to date with developments in IT security standards and threats.
Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences.
Required qualifications to be successful in this role
Education or Experience:
Bachelor's eight (8) years of Cyber Information Security Analysis.
Experience with FedRAMP and NIST compliance.
Experience with cloud security for AWS, and Azure environments.
Experience with network architecture concepts, common ports and protocols, and network monitoring tools;
Experience with writing clear and concise technical documents specifically policies, processes, and procedural documentation;
Experience with Nessus and Trend Micro and Cloud Native Security Tool solutions.
Experience with container security tools.
Organizational skills and the ability to work autonomously with attention to detail and processes;
Excellent communication skills with experience providing incident briefings to peers, management and clients;
Excellent written skills with experience creating formal incident reports.
Industry recognized professional certification such as CISSP, CISM
Experience with NIST 800-53 Rev 5
Direct experience with certification and accreditation techniques and methodologies
AWS, AZURE, Google
Experience with container security.
Due to the nature of the government contracts this position requires ship.
This position can be located at any CGI office in the U.S., preferred location is Lafayette, LA or Knoxville, TN or Lebanon, VA. We are currently working in a hybrid model, coming into the office 2 days a week.
CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. To support the ability to reward for merit-based performance, CGI typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $97,000-$240,000k/ yearly.
At CGI Federal we call our professionals "members" to reinforce that all who join our team are owners and empowered to participate in the challenges and rewards that come from building a world-class company. CGI Federal's benefits include:
Eligibility to participate in an attractive Share Purchase Plan (SPP) in which the company matches dollar-for-dollar contributions made by eligible employees, up to a maximum, for their job category
401(k) Plan and Profit Participation for eligible members
Paid Time Off (PTO)
10 Standard Holidays
Health & Welfare Benefits as determined by your Service Contract Act
#CGIFederalJob
#Dice
#LI-AD1
Together, as owners, let's turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because...
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction.
Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team-one of the largest IT and business consulting services firms in the world.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at . You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned.
We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.