What are the responsibilities and job description for the Information Systems Security Officer position at CGI?
Information Systems Security Officer
Position Description
The Information Systems Security Officer (ISSO) must hold a nationally recognized security certification (e.g. CISSP, CCSP, CSSLP) and have a minimum of five years of experience equivalent to performing the duties of an ISSO.
Your future duties and responsibilities
o Keep Management abreast of any POA&M issues that affect completion dates
o Issue WCVFs (Weakness Completion Verification Form) to officially close out POA&Ms
o Briefings
o Development and Operations Meetings
o Development elaborations and sprints
o Update CDM documentation as required
o Coordinate CDM Data Calls
o Verify that the systems Control Allocation Table and Trigger Logs are kept up to date.
o Review all scans
o Work with developers and administrators to address mitigation of findings
o Verify that the ATD form is accurately completed.
o Approve deployment of any hardware/application that is shown to be low or no risk.
o Verify that development meets appropriate NIST SP800-53 controls.
Required qualifications to be successful in this role
The ISSO must possess experience in managing security operations of a large complex Federal Government IT system. Desired skills and/or credentials are as follows:
List items desired for the Candidate, but not required.
Minimum Education Required: Bachelors Degree
The Operations Manager shall manage all aspects of an IT Systems operations tasks including:
Clearly identify the essential qualification vs the desired qualifications.
The Operations Manager must possess experience in managing the Operations and Maintenance of a large complex Federal Government IT system. Desired skills and/or credentials are as follows:
List items desired for the Candidate, but not required.
Minimum Education Required: Bachelors Degree
#CGIFederalJob
#LI-SW2
Insights you can act on
While technology is at the heart of our clients' digital transformation, we understand that people are at the heart of business success.
When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees "members" because they are CGI shareholders and owners and owners who enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today - one of the world's largest independent providers of IT and business consulting services.
At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.
Ready to become part of our success story? Join CGI - where your ideas and actions make a difference.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at US_Employment_Compliance@cgi.com . You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned.
We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.
Skills
Position Description
The Information Systems Security Officer (ISSO) must hold a nationally recognized security certification (e.g. CISSP, CCSP, CSSLP) and have a minimum of five years of experience equivalent to performing the duties of an ISSO.
Your future duties and responsibilities
- Function as System Owner's IT security expert.
- Advise the system owner (SO) regarding security considerations in applications systems procurement or development, implementation, operation and maintenance, and disposal activities (i.e., life cycle management). Reports any possible weakness/vulnerability to the SO
- Assist in the determination of an appropriate level of security commensurate with the level of sensitivity. Coordinate with all stakeholders to ensure that the major application maintains confidentiality, integrity and availability.
- Assist in the development and maintenance of security and contingency plans.
- Participate in security impact analysis to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies.
- Participate in security impact analysis of system safeguards and program elements and in authorization and assessment (A&A) of the system for continuous monitoring.
- Meet routinely with the SO to review POA&M (Plan of Actions and Milestones) status.
o Keep Management abreast of any POA&M issues that affect completion dates
o Issue WCVFs (Weakness Completion Verification Form) to officially close out POA&Ms
- Ensure that the system documentation in CSAM is current including but not limited to:
- Act as the point of contact (POC) for all security incidents and the Computer Incident Response Team (CIRT)
- Handle and investigate incidents in cooperation with, and under direction of, the SO and CIRT.
- Provide oversight of vulnerability scanning and assist in penetration testing of systems/networks.
- Ensure all user accounts are disabled within 24 hours of notification of user's separation and immediately for individuals being separated for adverse reasons.
- Monitor and review security policy, practices, and procedures.
- Enforce the security of all interfaces with external systems, develop and maintain interconnection documentation (ISA, SLA, MOU, and MOA).
- Responsible for maintaining a security certification as specified by policy.
- Responsible for taking annual role-based security training commensurate with the role and keeping security knowledge current.
- Act as system Security representative in all meetings including but not limited to:
o Briefings
o Development and Operations Meetings
o Development elaborations and sprints
- Support the CDM (Continuous Detection and Mitigation) Program
o Update CDM documentation as required
o Coordinate CDM Data Calls
o Verify that the systems Control Allocation Table and Trigger Logs are kept up to date.
- Participates in the Authority to Deploy (ATD) process
o Review all scans
o Work with developers and administrators to address mitigation of findings
o Verify that the ATD form is accurately completed.
o Approve deployment of any hardware/application that is shown to be low or no risk.
o Verify that development meets appropriate NIST SP800-53 controls.
Required qualifications to be successful in this role
The ISSO must possess experience in managing security operations of a large complex Federal Government IT system. Desired skills and/or credentials are as follows:
- Hold a nationally recognized security certification (e.g. CISSP, CCSP, CSSLP)
- Minimum of five years of experience equivalent to performing the duties of an ISSO.
- Strong understanding of project management principles and practices
- Strong understanding of Helpdesk and Customer Relations Support systems
List items desired for the Candidate, but not required.
- Experience with Oracle technologies including ADF, Web Logic, Forms and Reports, and APEX.
- Experience with Atlassian tools: Confluence, Jira, Git
- Project Manager Professional (PMP) Certification
- Information Technology Infrastructure Library (ITIL) Certification
Minimum Education Required: Bachelors Degree
The Operations Manager shall manage all aspects of an IT Systems operations tasks including:
- Planning, managing, and controlling the computer operations activities following SOP and applicable STIG.
- Ensuring system SOP are reviewed and updated annually.
- Providing project management of IT Systems operations tasks, utilizing the Government approved procedures and tools and participating in special projects as required.
- Ensuring patching procedures are conducted, following the applicable change management workflow and schedule.
- Providing reports on operational status upon request from client operations management or their delegate.
- Assigning tasks while achieving optimum effectiveness, prioritizing tasks based on input from client operations management or their delegate.
- Monitoring contract staff performance and providing cross-training to staff as needed.
- Maintaining knowledge of existing technology as it applies to current and future IT system architecture.
- Recommending and implementing programs to minimize costs, achieve optimum output, and maintain quality.
Clearly identify the essential qualification vs the desired qualifications.
The Operations Manager must possess experience in managing the Operations and Maintenance of a large complex Federal Government IT system. Desired skills and/or credentials are as follows:
- Strong technical knowledge of network and server operating system
- Proven experience in IT infrastructure planning, development, and operations
- Powershell scripting
- VmWare, Azure and/or AWS Server Virtualization
- Enterprise Backup, Replication and Business Continuity and Disaster recover mitigation and response
- Strong understanding of project management principles and practices
- Strong understanding of Helpdesk and Customer Relations Support systems
- Data Security and Cyber Security basics
List items desired for the Candidate, but not required.
- Experience with Oracle technologies including ADF, Web Logic, Forms and Reports, and APEX.
- Experience with Atlassian tools: Confluence, Jira, Git
- Project Manager Professional (PMP) Certification,
- Information Technology Infrastructure Library (ITIL) Certification,
- Certified Secure Software Lifecycle Professional (CSSLP)
Minimum Education Required: Bachelors Degree
#CGIFederalJob
#LI-SW2
Insights you can act on
While technology is at the heart of our clients' digital transformation, we understand that people are at the heart of business success.
When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees "members" because they are CGI shareholders and owners and owners who enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today - one of the world's largest independent providers of IT and business consulting services.
At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.
Ready to become part of our success story? Join CGI - where your ideas and actions make a difference.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at US_Employment_Compliance@cgi.com . You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned.
We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.
Skills
- Information technology
- Project Management
- Data Warehousing
IT CYBERSECURITY SPECIALIST (RSK)
US Office of the Chief Information Officer -
Orleans, LA
Security Officer
Weiser Security -
Galliano, LA
Security Officer
Weiser Security Services -
Galliano, LA
