Cyber Security Engineer

About the position

CGI is seeking a Cyber Security Engineer to join its Financial Services Retail Lending technology organization. This role involves leading security-related design, implementation, remediation, and maintenance initiatives, with a focus on enhancing the security posture of the organization's IP assets. The engineer will work closely with software teams and management to address various security focus areas, including risk assessment, security architecture design, vulnerability management, incident response, and security policy adherence, primarily for CGI Credit Studio and its cloud-native microservices architecture.

Responsibilities

• Act as the Security Point of Contact, coordinating security activities with CGI security groups and program managers.
• Investigate and engineer new approaches to improve vulnerability remediation processes and related security functions.
• Support internal and external security audits, ensuring compliance with policies and procedures for sector IP assets.
• Govern the review of security scan outputs and oversee action plans for addressing vulnerabilities.
• Oversee the scanning of open source and third-party software components, addressing identified vulnerabilities.
• Track and report on the inventory of security vulnerabilities and defects to management.
• Provide client support related to security posture, including expertise in security solutions for implementation projects.

Requirements

• Five years of experience as a cybersecurity professional.
• At least seven years of hands-on experience as a software developer with solid Java and Spring Framework fundamentals.
• Proficient understanding of network security protocols (firewalls, VPNs, IDS/IPS).
• Experience with scripting and automation tools.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration skills.

Nice-to-haves

• Cybersecurity Certifications (e.g., CISSP, CCSP, SSCP).
• Two years of experience with Azure security services and monitoring tools.
• Expertise in application security practices (secure coding, OWASP).
• Proficiency in security tools and technologies (CAST, vulnerability scanners).
• Understanding of the impacts of AI technologies on security.

Benefits

• Competitive compensation including profit participation program.
• Comprehensive medical, dental, and vision benefits.
• Basic life and accidental death & dismemberment insurance.
• Matching contributions through 401(k) plan and CGI share purchase plan.
• Flexibility and paid accrued vacation leave (10 to 20 days per year).
• 10 paid holidays per year.
• At least 80 consecutive hours of paid sick/safe leave.
• Paid parental leave (20 to 70 consecutive business days).
• Bereavement leave (1 to 7 days per year).
• Paid jury duty leave, up to time summoned.
• Learning opportunities and tuition assistance.
• Wellness and well-being programs.