Menu close

Cyber Information Assurance Analyst

Back

Cyber Information Assurance Analyst

@ CGI

Position Description:

  • CGI Federal is seeking a qualified Cyber Information Security Analyst that will support the CGI Federal ISSO Support Team..
  • The CGI Federal Information System Security Officer (ISSO) provides guidance and oversight to project teams, client groups, and delivery teams in support of security governance and compliance for the services CGI Federal is delivering.
  • The ISSO member will participate as part of a security team that supports projects information security needs to comply with Federal agency’s comprehensive security program to include NIST Risk Management Framework and FedRAMP authorizations


Your future duties and responsibilities:

  • The responsibilities of the Cyber Information Security Analyst include, but are not limited to:
  • Maintain operational security posture for an information system or program to ensure information systems security design, implementation, management and review of policies, standards, baselines, procedures, and guidelines are established and followed. Understand the business functions to help ensure business is conducted as securely as possible.
  • Create and review documentation to support Systems Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and Client Responsibility Matrix (CRM)
  • Identify, manage and monitor POA&Ms, assisting Business Units or Clients in improving the quality and effectiveness of their POAMs. Provide guidance through remediation as well as develop corrective action plans for each POA&Ms.
  • Provide continuous monitoring and event-driven monitoring management services to include running adhoc or on demand scanning of project teams environment. Identify assets and associated vulnerabilities and provide recommendations for remediation. Ensure audit records and event logs are collected, reviewed, and documented (to include any anomalies) Document security breaches and assess their damage.
  • Provide configuration management (CM) for information system security software, hardware, and firmware; manage changes to system and assess the security impact of those changes.
  • Work with multiple teams and client project team members and establish and maintain a strong customer-focused working relationship. Assist the System Owner operate the system as securely as possible to fulfill mission requirements.
  • Establish and maintain regular written and in-person communications with the organization's executives, department heads and end users regarding pertinent security activities.
  • Keep up to date with developments in IT security standards and threats.
  • Provide detailed and accurate technical reporting of analysis results in the form of PowerPoint presentations and/or Word documents, as well as oral briefings on complex technical subjects attuned to senior management, technical, or non-technical audiences.

Qualifications:

Required qualifications to be successful in this role:

Education or Experience:

  • Bachelor's eight (8) years of Cyber Information Security Analysis.
  • Experience with FedRAMP and NIST compliance.
  • Experience with cloud security for AWS, and Azure environments.
  • Experience with network architecture concepts, common ports and protocols, and network monitoring tools;
  • Experience with writing clear and concise technical documents specifically policies, processes, and procedural documentation;
  • Experience with Nessus and Trend Micro and Cloud Native Security Tool solutions.
  • Experience with container security tools.
  • Organizational skills and the ability to work autonomously with attention to detail and processes;
  • Excellent communication skills with experience providing incident briefings to peers, management and clients;
  • Excellent written skills with experience creating formal incident reports.
  • Industry recognized professional certification such as CISSP, CISM
  • Experience with NIST 800-53 Rev 5
  • Direct experience with certification and accreditation techniques and methodologies
  • AWS, AZURE, Google
  • Experience with container security.


Skills:

  • NIST
  • Public Cloud Security
  • Nessus
  • Network Security

How to Apply:

Apply online at https://www.cgi.com/en/careers


Visit Site to Apply

Location: Lafayette, LA
Date Posted: February 19, 2024
Application Deadline: May 19, 2024
Job Type: Full-time