// Lafayette Economic Development Authority (LEDA)
Menu close

SaaS Information Security Officer

Back

SaaS Information Security Officer

@ CGI

Position Description:

  • The CGI Government Cloud Services Program (GCS) delivers and supports a proprietary Government Advantage ERP software suite, recently certified as a StateRAMP certified SaaS solution.
  • Our CGI Advantage program is seeking a skilled SaaS Information Security Officer that will focus on continually securing our SaaS software while working in conjunction with our IaS, PaaS teams and product engineering to ensure continued compliance with the StateRAMP protocols and processes.
  • For this role, CGI is looking for an individual with experience as a Information Security Officer, comfortable discussing software security, understands DevSecOps processes and SDLC, and has familiarity with NIST, FedRAMP and/or StateRAMP protocols.
  • Ideally the candidate has a security certification such as CISM, CISA or CISSP demonstrating the aptitude for the role.


Your future duties and responsibilities:

  • The SaaS Information Security Officer primary responsibilities are, but not limited to:
  • Provide guidance, oversee the implementation of Advantage security controls,
  • Serve as vulnerability management expert, which includes - monitoring vulnerability review, POAM tracking, reporting incorporating StateRamp guidance, and remediation efforts.
  • Serve as the primary contact to StateRamp for all POAM tracking and continuous monitoring. Provides oversight of the StateRamp POAM monthly reviews, to ensure all questions are promptly addressed and up to date statuses are reported.
  • Work with other Advantage teams to ensure security controls are incorporated in every phase of the development, testing, and configuration processes.
  • Manage the Advantage Change Management processes
  • Manage the security policy exception processes
  • While the SaaS ISSO is not responsible for security tool installation or tool administration, work with the various Engineering teams to coordinate, facilitate, or otherwise ensure certain activities are being performed.

Qualifications:

Required qualifications to be successful in this role:

  • 1-3 years experience with Containers, Kubernetes/docker, or Rancher platform
  • Proficient scripting abilities in multiple languages (Linux shell scripting, Python, Perl, and Go languages)
  • Experience with Oracle and/or SQL Server databases and SQL DDL/DML writing.
  • Experience automating IT processes (CA Autosys or similar job management tool for scheduling, monitoring, and reporting software experience is a plus)
  • Experience with DevOps tools and techniques (e.g. Jira, Git, etc.) is a plus
  • Excellent organizational skills
  • Must be able to effectively juggle and prioritize multiple, often competing and changing, workloads
  • Ability to work independently in a self-directed manner and collaboratively as a team lead or member
  • Skill Set Years of Experience
  • Incident management 1+ yrs
  • Vulnerability management 3+ yrs
  • Access Management 1+ yrs
  • Security Tool exposure to installation and reporting output 3+ yrs


Skills:

  • DevOps
  • Kubernetes
  • Linux
  • Oracle

How to Apply:

Apply online at https://cgi.jobs/locations/lafayette-la/jobs/ 

Visit Site to Apply

Location: Lafayette, LA
Date Posted: October 08, 2024
Application Deadline: December 09, 2024
Job Type: Full-time