CGI Technologies and Solutions, Inc. Lead Information System Security Officer (ISSO) - TS Clearance Required in Fairfax, Virginia
Lead Information System Security Officer (ISSO) - TS Clearance Required
- Log in
Find similar career opportunities
Lead Information System Security Officer (ISSO) - TS Clearance Required
Category: Cyber Security Consulting
City: Fairfax, Virginia, United States
Position ID: J0919-2151
Employment Type: Full Time
Meet our professionals
CGI: A place to build an IT career
CGI is in the top 5 largest global IT companies spread across 40 countries with endless opportunities to expand and grow. As a CGI Federal Member, you have the opportunity to be a shareholder at CGI and join a family of 75,000 members strong. We are currently seeking candidates to join our successful Federal organization as a Lead ISSO for an enterprise cybersecurity opportunity. The position involves designing and executing cloud architecture blueprints and bringing them to reality. Candidates will design and configure build plans, code pipelines and create automated solutions that can be frame worked and re-used within the program as needed. We are looking for subject matter experts that can evangelize the latest technologies and tools to provide better efficiency and solutions for program teams. The ISSO will be responsible for developing security plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities; ensuring procedural development and implementation are in compliance with security and organizational requirements; documenting hardware and software system security implementations (e.g., hardware firmware upgrades, operating system patches and configuration changes); and developing best practices, operating procedures, and configuration guidance for the technologies used. Working knowledge of NIST 800 series special publications and the NIST Risk Management Framework.
Your future duties and responsibilities:
Work with system owners and technical leads to develop and maintain security documentation. Be the security POC for multiple systems within the environment.
Coordinate monthly vulnerability scanning activities and analysis results.
Maintain the security management program including security policy, practices, standards, procedures and processes, coordinate and support regular security audits as part of the comprehensive System Security Policy, standards, practices and procedures, in order to maintain security authority to operate.
Prepare, validate and maintain security documentation including, but not limited to: system security plan (SSP), risk assessment (RA), contingency plan (CP), privacy impact assessment (PIA), eAuthentication assessment and FIPS categorization.
Coordinate and support risk assessments and ensure corrective action on any identified security exposures.
Provide advice and leadership in creating and maintaining contingency plans for any security emergencies.
Continuously identify and escalate any risks to product solution, quality, staffing and/or delivery commitments so they can be acted upon in timely manner.
Participate in sprint and/or system demos for stakeholder teams to maintain a pulse on project progress and interdependencies throughout the lifecycle. Identify and offer suggestions for improvement.
Participate in quality validation exercises, including subsystem assessment reviews and/or exploratory testing efforts to continuously keep a pulse on product quality and identify areas for adjustment early in the process.
Mentor developers and other technical resources to enable them to learn the ins and outs of the software and how our customers do business, provide assistance in managing trade-offs and assessing user or system impact, and promote adherence to design standards and processes to promote quality.
Work with customers to understand technical requirements, provide support on current software implementations, and make recommendations for a product path forward.
Required qualifications to be successful in this role:
Due to the nature of the government contract requirements and/or clearance requirements, US citizenship is required.
Possess a TS security clearance and be SCI eligible.
A minimum of 10 years of experience managing cyber architecture teams for enterprise cybersecurity shared services programs.
Experience developing cybersecurity solutions across a diverse and heterogeneous IT environment, including the following:
Technical leadership in Enterprise Architecture (EA), Service Oriented Architecture (SOA), and IT Service Delivery to multiple U.S. Government agencies.
Demonstrated experience in security solution design using existing and emerging technologies to achieve enterprise solutions.
A minimum of 6 years of experience working with Security Authorization requirements, developing and enhancing the security risk posture, and analyzing and reporting IT security metrics.
A minimum of 4 years of experience in security policy and emerging cybersecurity technologies.
A minimum of 4 years of experience deploying applications to cloud based platforms.
Hands-on experience designing and/or implementing cloud-based and/or cloud-native solutions in production workloads.
Experience using Amazon Web Services, including using AWS native services (Cloud Formation, S3, etc.).
Experience working in a DevOps environment with teams.
Understanding of Agile, DevOps and Infrastructure as Code (IaC) is strongly desired.
Ability to develop and contribute in an IaC environment while working seamlessly in a distributed team via collaboration tools.
Must own ability to learn fast, adapt to new technology.
Knowledge of deployment of application servers, database management systems, integration platforms is desired. Understanding of critical path analysis of schedules.
Demonstrated strong oral and written communication and presentation skills.
Attention to detail coupled with effective analytical and problem-solving aptitude.
Ability to establish working relations at all organizational levels and demonstrate ability to diplomatically and effectively deal with government officials and program office stakeholders.
Self-motivator with ability to work as part of a team or independently with little supervision or direction.
Ability to balance and prioritize many diverse tasks at once.
Experience in establishing new processes.
-Ability to communicate clearly and present information to the customer in a format they can understand.
Preparing security documentation.
Evaluating security and privacy controls to determine which are applicable and which have changed.
Participating in security assessments and audits.
Completing non-technical analysis activities.
Providing direct support to a client ISSO.
Identifying and mitigating risks.
Ideal candidate has a strong technical/development background.
Prior experience managing cloud related projects a plus.
Certified Risk and Information Systems Controller (CRISC).
-Certified Information Security Manager (CISM).
Certified Ethical Hacker (CEH).
Global Information Assurance Certification (GIAC) and GIAC Security Essentials.
Certified Project Management Professional (PMP).
Certified Information Systems Security Professional (CISSP).
What you can expect from us:
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.
Learn more about CGI at www.cgi.com .
No unsolicited agency referrals please.
CGI is an equal opportunity employer.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at USEmploymentCompliance@cgi.com . You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned .
We make it easy to translate military experience and skills! Click here at https://cgi-veterans.jobs/ to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI’s legal duty to furnish information.