Information Systems Security Officer TS/SCI with Poly REQUIRED jobs in United States
info-icon
This job has closed.
company-logo

CGI · 1 month ago

Information Systems Security Officer TS/SCI with Poly REQUIRED

positionColumbia, MD
timeFull-time
remoteOnsite
senioritySenior Level
money$80K/yr - $194K/yr
date6+ years exp

CGI is one of the largest IT and business consulting services firms in the world, and they are seeking an Information Systems Security Officer (ISSO) with a proven track record of DevSecOps success. The role involves ensuring the implementation and maintenance of security controls, managing ATO packages, and drafting security documentation in accordance with various regulations and policies.

AnalyticsApplication Performance ManagementBusiness IntelligenceConsultingCyber SecurityFinanceInformation TechnologyTechnical Support
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Ensure the implementation and maintenance of security controls in accordance with RMF v5
Manage ATO packages
Draft security documentation including Operating Procedures, Cybersecurity Strategy (CSS), System Security Plans (SSP) ATO packages as well as System Security and Privacy Plan (SSPP) in accordance with DoD policies, Department of Airforce (DAF) regulations and our Federal Government customer's guidance
The candidate must have expert knowledge and demonstrated experience with cybersecurity technologies, risk management, and incident response procedures as well as have a solid working understanding of computer functions, including hardware, software, and operating systems. This includes knowledge of Windows, Unix, and Linux operating systems, along with other applications such as databases, web servers, networking technologies, including routing, switching, and VPNs
The ISSO must be able to work autonomously, manage their workload effectively, shift priorities with little to no loss of productivity and communicate effectively with technical and non-technical personnel

Qualification

Risk Management Framework (RMF) v5Cybersecurity technologiesNIST SP 800-53Security documentation writingEMASS proficiencyCloud computing AWSCloud computing AzureNetwork technology knowledgeIncident response proceduresCommunication skillsTeam leadership

Required

Bachelor's degree and 8+ years of experience, or Master's Degree and 6+ years of experience, or PhD and 3+ years of experience. A degree should be within one of the following fields: Information Technology, Computer Science, Cybersecurity, Information Systems, Data Science, or Software Engineering. However, an additional 4 years of relevant experience may be considered in lieu of a Bachelor's degree
Well-versed in best practices for cyber security program standards, processes, and procedures compliance, industry-standard security frameworks and demonstrated expert working knowledge of NIST Special Publication (SP) 800-53: Recommended Security Controls for Federal Information Systems, NIST SP 800-53A: Guide for Assessing the Security Controls in Federal Information Systems, AFPD 17-1 and AFI 17-130, Cybersecurity Program Management
Ability writing security policies and procedures, CSS, SSP, SSPP, and assess all ATO package artifacts
Expert knowledge of Risk Management Framework (RMF) v5 (Processes, workflow, etc.)
Ability to use eMASS to execute, RMF v5 to include document / update system status, identify, document, and manage implementation of operational and technical security controls, implementation and risk assessment tabs, non-compliant and non-validated controls, POAM management (entry, evidence, close-out), produce report and track Plan of Action and Milestone (POA&M) due dates, etc
The ability to complete a checklist to ensure Security Authorization Process documents are complete and comply with all guidance
Ability to work collaboratively with IT counterparts, communicate effectively (skilled in communicating complex technical information to non-technical audience) and coordinate STIG remediation with system administrators and developers
Ability to conduct risk assessments, monitor security Incidents and respond appropriately to Security Threats
Working understanding of network technology (includes knowledge of network protocols)

Preferred

Experience transitioning from RMF v4 to v5
Experience with cloud computing platforms such as AWS and Azure
Basic understanding of identity and access management system capabilities and configuration
Experience with TASKORDS, OPORDS, etc
Experience leading Cybersecurity (ISSO & ISSE) teams

Benefits

Competitive compensation
Comprehensive insurance options
Matching contributions through the 401(k) plan and the share purchase plan
Paid time off for vacation, holidays, and sick time
Paid parental leave
Learning opportunities and tuition assistance
Wellness and Well-being programs

Company

CGI

twittertwittertwitter
Glassdoor3.8
company-logo
CGI is an IT and business consulting services firm that offers consulting, cyber security, cloud, and IT services.
dateFounded in 1976
location
Montréal, Quebec, CAN
people-size10001+ employees
web-link
https://www.cgi.com

Funding

Current Stage
Public Company
Total Funding
$1.2B
2025-03-12Post Ipo Debt· $650M
2024-09-03Post Ipo Debt· $550.87M
1998-10-06IPO

Leadership Team

leader-logo
François Boulanger
President and Chief Executive Officer at CGI
linkedin
leader-logo
Raymond McMann
VP, Global Oil & Gas Industry
linkedin

Recent News

Computer Weekly
CGI’s artificial intelligence boss knows his job title won’t exist for long
2026-02-04
Yahoo Finance
CGI adopts Google’s Gemini Enterprise for enterprise AI integration
2026-01-22
Digital Journal
From ECG waveforms to clinical reports: Building diagnostic systems that write like doctors
2026-01-22
Company data provided by crunchbase