As a member of CGI’s Global Security team, the candidate will play an integral role in defining and assessing the organization's application security strategy, architecture and practices. The candidate will work within a multi-disciplinary Enterprise Security Architecture team to support business units and corporate functions to assess, develop and implement solutions that are aligned with CGI security policies, strategy and requirements.
Your future duties and responsibilities:
• Provide guidance on application security architecture, DevSecOps best practices & solutions to help business units to build & deliver solutions that meet CGI security requirements
• Develop threat models and maturity assessments that can be used to integrate CGI security requirements into projects & operations
• Create an application security observability framework to enable greater GSOC visibility by identifying best practices for logging within common application architectures
• Define and conduct application security threat and risk assessments with methodology for all deployed solutions with ability to integrate into development pipelines
• Conduct Secure SDLC workshops and working groups to facilitate a globally consistent set of security baselines for application security
• Advocate for AppSec and DevSecOps from research conducted into modern threats and new technologies such containerization and serverless computing
• Liaise with other security architects and global business units to communicate CGI security practices and processes
• Support identification, training, and partnership with champions for security across CGI to build a security first culture
• Support security champions by helping them assess risk, learn to identify architectural gaps, and similar activities
• Support development of training related to application security, security architecture, threat modeling, and secure coding
Required qualifications to be successful in this role:
• A University degree or College diploma or equivalent experience with AppSec
• Previous experience in software design, or knowledge of modern DevOps processes
• Ability to develop threat models and participate in security walk-throughs
• Knowledge of Application Security, DevSecOps, integrating security into CI/CD
• Leadership and facilitation skills with an ability to build relationships with stakeholders
• Knowledge of OWASP, Static and Dynamic Analysis, Vulnerability management
• Effective oral, written and interpersonal communication skills
What you can expect from us:
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.
Learn more about CGI at www.cgi.com.
No unsolicited agency referrals please.
CGI is an equal opportunity employer.