Areas of Interest: Network Services, Strategic Planning and Policy Development, Test and Evaluation, Vulnerability Assessment and Management
Make the most of your potential today
The Security Engineer will be a critical part of a diverse team that supports the cyber mission for our Federal customer. This role is an IT security professional responsible for the deployment, operation and maintenance of security tools and identity management technologies.
Your future duties and responsibilities:
- The Security Engineer is responsible integrating and maintaining a wide range of security technologies to include capabilities such as vulnerability management, network access control, compliance assessment, identity management and governance.
- The candidate must have in-depth knowledge of IT environments focusing in operations and security risk management.
- Responsible for analysis of systems security, gap analysis and development/implementation of federal security standards and procedures in accordance with NIST, OMB, FISMA and others.
- Participate in technical assessments of industry leading cyber security products.
- Perform vulnerability and penetration testing across an enterprise to include workstations, servers, applications, network devices and perimeter security devices.
- Work with customers to resolve issues with compliance of systems in relation to NIST Risk Management Framework.
- Define, plan and develop information security systems; for example: Tenable Nessus, Tripwire, Splunk, Arcsight, FireEye, McAfee, Symantec, Trend Micro, HP Fortify, IBM Appscan and other.
- Implementation of Firewalls, IPS and network boundary security.
- Contribute to the development and tracking of IT security deployment projects plans.
- Monitor and control the performance and status of security devices, including routine testing, analysis and other operational tasks.
- Develop and maintain standard operating procedures, processes and guidelines for IT security operations, support and maintenance.
- Maintain awareness of trends in security regulatory, technology and operational requirements.
Required qualifications to be successful in this role:
- Due to the nature of the government contract requirements and/or clearance requirements, US citizenship is required.
- Bachelors Degree in Computer Science, Information Security or similar Engineering discipline or equivalent experience.
- Ability to obtain 1 or more of the following certifications. CISSP, CISA, CISM, Security+ or CEH.
- Minimum 5 years of professional experience with 3+ years of experience in information security and/or IT risk management.
- 3+ years of hands-on experience as a security practitioner implementing a variety of solutions across multiple disciplines as listed above.
- 3+ years of experience architecting solutions with a concentrated focus on security, performance, scalability and reliability.
- 1+ years of experience managing and/or implementing identity management solutions (Sailpoint, Radiantlogic, Xceedium, Microsoft Forefront Identify Manager).
- 3+ years of experience managing large scale programs across the federal/defense agencies.
- 2+ years experience performing network and application security penetration testing and/or threat assessments.
- 1+ years experience with commercial and open source security applications and technologies (e.g. malware prevention, DLP, IDS/IDP, cryptography, vulnerability scanning and penetration testing), as well as related protocols and tools (e.g. SSH, SSL/TLS, snort, port scanners, rootkit detectors, etc.).
- 1+ years experience deploying security solutions in cloud-based environments.
- 1+ years experience with AWS and Azure cloud services and solutions.
- The successful candidate for this position is a highly motivated individual with a strong IT security background who excels operating and deploying security technology and interacting with clients.
- The successful candidate is a self-starter who works effectively with minimal supervision in a highly dynamic environment.
- Experience with application and infrastructure hardening techniques.
- Experienced in IT networking and heterogeneous computing environments (network routing/switching, UNIX, Windows, Virtualized infrastructures).
- Experience with DHS CDM tools and sensors.
- An understanding of threat risk analysis concepts.
- Experience performing information security risk assessments.
- Experience in IT security related audits such as NIST 800-53, DoD 8500.2, PCI DSS, SOX, ISO27001 and 27002, or other relevant legal and best practice requirements, models, or frameworks.
- Security +, Certified Information Systems Auditor or other security industry certifications.
- Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM) solutions.
- Experience mentoring colleagues.
What you can expect from us:
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.
Learn more about CGI at www.cgi.com.
No unsolicited agency referrals please.
CGI is an equal opportunity employer.
Qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, gender Identity, sexual orientation, national origin, age, disability, veteran status, pregnancy, or other status protected by law. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI’s legal duty to furnish information.
In the US, CGI is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, ancestry, color, sex, religion, age, national origin, citizenship status, disability, protected veteran status, marital status, sexual orientation or perceived sexual orientation, gender identity, familial status, political affiliation, or any other classification protected by state or federal law.
CGI is committed to the principles of equal employment opportunity and to compliance with US laws and regulations. Click here
to access our US EEO/Affirmative action policy.
Applicants have rights under Federal Employment Laws:
- Consolidated EEO Is The Law
If you need an accommodation in order to complete the application process, click here
We make it easy to translate military experience and skills! Click here
to be directed to our site that is dedicated to veterans and transitioning service members.