CGI Technologies and Solutions, Inc. Software Security Engineer in Fairfax, Virginia
Software Security Engineer
Find similar career opportunities
Software Security Engineer
Category: Cyber Security Consulting
City: Fairfax, Virginia, United States
Position ID: J0418-1703
Employment Type: Full Time
Meet our professionals
CGI: A place to build an IT career
CGI is seeking an experienced and highly motivated security professional developer to help CGI protect it and its client’s intellectual property within the US Commercial and Industry Solutions business unit. Your responsibilities include overseeing and building the selection, development and deployment of data and system protection security controls that support application security engineering and infrastructure security engineering. This role can be located in metropolitan areas.
Your future duties and responsibilities:
Current areas of focus include
Applicant must have an understanding in the areas of information security and risk management such as cybersecurity threats, vulnerability assessments, threat intelligence, incident response and controls, security architecture, active defense, intrusion detection, cloud security, and other related technical responsibilities. An understanding of threat modeling and mitigations to threats would be a strong benefit. They must be able to keep on top of emerging/evolving technology trends and impact on security/risk posture for application support to include big data, machine learning, analytics, mobile technologies, and virtualization.
Required qualifications to be successful in this role:
• Expert knowledge of cryptography methods
• Expert knowledge of the integration of encryption of data in transit, in-use and at rest into software solutions
• Automating certificate and key management capabilities to include hashing
• Content tagging/labeling
• Establishing automated vulnerability assessment and vulnerability management
• Data loss prevention (DLP) engineering and integration
• Next generation firewall knowledge
• Understanding of logging and auditing functions with SIEM and orchestration efforts
• Next generation malware detection and remediation
• Correlation of security analytics into meaningful information and reports
• Assist with the development of remediation recommendations for identified findings
• Identify and clearly articulate (written and verbal) findings to senior management
• 5 years of Information Security experience and a Bachelor's Degree (additional experience can be substituted in lieu of education)
• Must understand the Secure System Development Life Cycle, Secure Dev Ops and Agile methodologies
• Must understand the scope of future duties list above and how to integrate security functions into SaaS offerings and improve the functions through a security viewpoint.
• Have an understanding of common security vulnerabilities
• A demonstrated track record of leading the development of security modules compliant to FIPS140-2.
• Professional experience building products with cryptographic modules in at least one high-level language;
• Knowledge of how to read and understand code in languages such as C, C++, or Java.
• Understanding of how cryptography is correctly applied in products and protocols to provide capabilities such as authentication, privacy, and integrity.
• Generates new code and corrects, converts, and/or modifies existing code to meet specifications
• Development expertise with integration to FIPS 140-2 compliant key vaults and key management solutions
• Expertise with public and private cloud encryption and key management capabilities
• Extensive knowledge of Cryptography & Secure Protocols,
• Familiarity with Azure and AWS encryption capabilities a plus
• Proficient oral and written communications skills.
• Experience with security certification standards
• Security relevant certifications: Security+, CASP, CEH, OSCP, GPEN/GWAPT
• Familiarity with Hardware Security Module (HSM) and PKI solutions a plus
• Familiarity with VPN architecture and secure network design a plus
• System hardening and development background
• Demonstrated security testing experience
• Vulnerability Assessments/Penetration Testing, Static/Dynamic Code Analysis & Code Reviews and Secure Development Lifecycles.
• Ability to travel as needed up to 15%
- Security Architecture
What you can expect from us:
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.
Learn more about CGI at www.cgi.com .
No unsolicited agency referrals please.
CGI is an equal opportunity employer.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at USEmploymentCompliance@cgi.com . You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned .
We make it easy to translate military experience and skills! Click here at https://cgi-veterans.jobs/ to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI’s legal duty to furnish information.