Vacancy expired!
Security Engineer
Position Description CGI is seeking an experienced and highly motivated security professional to help secure and protect CGI and client environments. Applicant's responsibilities will include evaluating new technology, installing, operating and maintaining security tools / controls, and working to continuously improve CGI security engineering practices. Applicant must have specific experience with vulnerability management solutions, specifically Rapid7 InsightVM, as well as general information security and risk management expertise. Applicant must also be a skilled communicator, with an ability carry on detailed technical discussions with team members, as well as an ability to summarize and clearly communicate work status, key issues and risks to management. Finally, applicant must be able to thrive in a dynamic environment, remaining organized while working on multiple projects with multiple stakeholders in parallel.This role can be located at any CGI office in the U.S.Your future duties and responsibilities Working through the secure system development lifecycle to assist in one or more functions to operate and maintain an automated security platform, including:1. Leveraging automated vulnerability assessment and vulnerability management capabilities2. Network management, asset inventory and access control 3. Logging and auditing functions with System Incident and Event Monitoring (SIEM) and orchestration efforts4. Leveraging next generation firewall knowledge to build automated workflows5. Building incident and event monitoring into automated workflows6. Correlating security analytics into meaningful information and reports7. Managing API interfaces8. Integrating security logs into compliance software9. Developing remediation recommendations for findings where automated actions have not yet been applied10. Working collaboratively with team members and stakeholders, and clearly and proactively communicating work status, key issues and risks to management.Required qualifications to be successful in this role Must be able to pass a CGI background check to start employment 2 years of Information Security experience and a Bachelor's Degree Must have expert proficiency in the following areas:1. System Incident and Event Monitoring (SIEM), Log Monitoring, Log Management and Incident Response2. Public and private cloud security solutions and capabilities. Familiarity with Azure, AWS, and Google Cloud SaaS and PaaS compliance and risk management.3. Proficient oral and written communication skills4. Experience with security certification standards Must understand the scope of future duties list above and how to integrate security functions into SaaS offerings, and drive continuous improvement into the security services / functions. Skill Set - Years of Experience - Proficiency LevelInformation security job experience - 2+ years - ModerateVulnerability management solution experience (ideally Rapid7) - 2+ years - ModerateDESIRED QUALIFICATIONS/NON-ESSENTIAL SKILLS REQUIRED Security relevant certifications: CISSP, Security+, CASP, CEH, OSCP, GPEN/GWAPT The application of Secure System Development Life Cycle, Dev Secure Ops or Agile methodologies Understanding of Threat Hunting techniques and management Understanding of Penetration Testing and Application Security Understanding of ITSM and IAM integration Understanding of API security techniques and management Familiarity with Hardware Security Module (HSM) and PKI solutions Familiarity with VPN architecture and secure network design a plus System hardening and development background Demonstrated security testing experience Vulnerability Assessments/Penetration Testing, Static/Dynamic Code Analysis & Code Reviews and Secure Development Lifecycles. Ability to travel as needed up to 25% Skill Set - Years of Experience - Proficiency LevelScripting skills (Bash/Python/Perl/Ruby) - 2+ years - JuniorPenetration testing tools experience - 2+ years - JuniorKnowledge of security and architecture frameworks - 2+ years - JuniorEst. Salary Range (Colorado Only): $66,000-$100,000xDisclaimer: In accordance with Colorado's Equal Pay for Equal Work Act, effective January 1, 2021, a good faith hourly or base salary range must be posted for all positions where the work may be performed in the state of Colorado. Therefore, this good faith salary range will only apply where this described position will be performed in the state, and should not be considered the compensation range in other locations or for other positions.At CGI we call our professionals "members" to reinforce that all who join our team are, as owners, empowered to participate in the challenges and rewards that come from building a world-class company. CGI's benefits include: Competitive base salaries Eligibility to participate in an attractive Share Purchase Plan (SPP) in which the company matches dollar-for-dollar contributions made by eligible employees, up to a maximum, for their job category 401(k) Plan and Profit Participation for eligible members Generous holidays, vacation, and sick leave plans Comprehensive insurance plans that include, among other benefits, medical, dental, vision, life, disability, out-of-county emergency coverage in all countries of employment; Back-up child care, Pet insurance, a Member Assistance Program, a 529 college savings program, a personal financial management tool, lifestyle management programs and more#LI-BR1Build your career with us.It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change-supporting our clients' digital journeys and offering our professionals exciting career opportunities. At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.Be part of building one of the largest independent technology and business services firms in the world.Learn more about CGI at www.cgi.com .No unsolicited agency referrals please.CGI is an equal opportunity employer.Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at USEmploymentCompliance@cgi.com . You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned.We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members.All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances.CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.Skills- Vulnerability Management(IAVM)
- Incident Management
Vacancy expired!