Campus Pride Jobs

Information System Security Officer (ISSO)

Category: Cyber Security

Main location: United States, Georgia, Atlanta

Alternate Location(s): United States, Arizona, Phoenix

United States, Alabama, Birmingham

United States, North Carolina, Charlotte

United States, Texas, Dallas

United States, Texas, Houston

Position ID: J0125-0608

Employment Type: Full Time

Position Description:

This is a rare opportunity to join a fast-growing team of information security experts as we transform, enhance, and expand the security program for one of the largest information technology providers in the world. You will join the United States Global Technology Operations (US GTO) Security Strategy and Solutions team supporting governance, risk, and compliance consulting services as well as security service delivery across one or more US-based industries. The successful candidate will have a broad knowledge of current security practices as well as the ability to identify and apply legal, regulatory, and industry-specific security requirements. You will help our clients define and deploy effective security solutions and strategies while addressing ever-changing regulatory and industry compliance challenges. You must be able to collaborate with a variety of technical and management disciplines including infrastructure and security architecture, security operations, application development, project managers, product owners, and others.

This role can be performed at any CGI office, however a hybrid working model is acceptable.

Your future duties and responsibilities:

FUTURE DUTIES AND RESPONSIBILITIES

• Serve as a security subject matter expert for one or two US-based CGI industry sectors, such as finance, insurance, healthcare, energy, or state and local government.

• Understand whether and how to apply legal, regulatory, and industry-specific security requirements and practices, such those described under Required Qualifications.

• Analyze and design controls to secure on and off premise private, public, community, and hybrid cloud environments

• Participate in ongoing security-related activities in support of new or existing client contracts, including but not limited to assessing proposed application or infrastructure changes for security impacts, assisting with the development and maintenance of disaster recovery plans, and producing routine security status reports

• Coordinate and participate in the preparation of document packages for regulatory submissions from all areas of company as well as for internal and external audits and inspections. Potentially serve as point of contact for interactions with regulatory agencies for defined matters.

• Perform information security maturity assessments for clients, and assist clients in developing information security roadmaps/programs as required.

• Assess 3rd party cloud service providers for the client and industry standards compliance

• Analyze business activities and operations for risk. Identify areas of potential loss or damage and quantify impact. Implement and evaluate compliance with business risk-reduction policies, processes and standards.

• Assist in assessing and responding to public sector bid solicitations.

Travel between 25-50% of time.

Required qualifications to be successful in this role:

5+ years of experience in information security, IT infrastructure, or related fields.

At least one relevant industry certification (e.g., CISSP, CISA, CISM, SANS/GIAC).

3+ years of experience with one or more industry security frameworks (e.g., NIST, PCI-DSS, HIPAA).

3+ years of experience delivering consulting services to clients.

3+ years of experience in risk assessment, risk management, and compliance auditing.

Bachelor's degree from an accredited institution.

Preferred:

Experience in financial services or insurance.

Additional security certifications (e.g., CISSP, CISA, CISM, SANS/GIAC).

Experience with security testing (e.g., penetration testing, vulnerability assessments).

Knowledge of cloud security, IAM, and DevOps.

Experience with Linux/Windows administration.

CGI anticipates accepting applications for this position through February 28, 2025.

“CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. To support the ability to reward for merit-based performance, CGI typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $76,300 - $133,500.”

CGI’s benefits are offered to eligible professionals on their first day of employment to include:

•Competitive compensation including profit participation program

•Comprehensive medical, dental, and vision benefits

•Basic life and accidental death & dismemberment insurance

•Matching contributions through 401(k) plan, and CGI share purchase plan

•Flexibility and paid accrued vacation leave, ranging from 10 to 20 days per year, based on job level, years of relevant prior experience, and years of service