CG

Security Compliance Analyst - U.S. Citizenship Required

Job summary

Fairfax

Work model

Hybrid · 3 days home
1 week ago
Job description

Security Compliance Analyst - U.S. Citizenship Required

Category: Cyber Security

Main location: United States, Virginia, Fairfax Alternate Location(s): United States, Louisiana, Lafayette

Position ID: J0426-0893 Employment Type: Full Time

U.S. - CGI Federal roles - Homelessness to Housing (https://youtu.be/AEZmB7Bi7CQ)

By playing this video you consent to Google/YouTube processing your data and using cookies --Learn more (xweb.asp?clid=21001&page=cookiespolicy#integrationofyoutube) .

CGI is a global IT company operating across 40 countries, offering opportunities for growth and advancement. As a CGI Federal member, you can become a shareholder and join a family of 90,000 partners.

CGI Federal is hiring a Security Compliance Analyst to support a skilled team of ISSOs on a high-visibility program. You will contribute to improving the cybersecurity posture of civilian government agencies by implementing and enhancing a cybersecurity platform and delivering integration services. You will also assist in developing additional cybersecurity offerings focused on next-generation security solutions and technologies.

The successful candidate is a motivated, self-starting individual who works effectively in a dynamic environment. This is an excellent opportunity with room for growth within the program and across CGI Federal.

This position is located in Fairfax, VA or Lafayette, LA, with a hybrid working model acceptable. You will be required to work in a CGI Federal office two days per week.

Your future duties and responsibilities:

  • Support ISSO team activities related to continuous monitoring and ongoing security compliance.
  • Conduct security control assessments in alignment with NIST RMF (SP 800‑53, 800‑37) and federal security requirements.
  • Support the development and execution of security impact assessments to evaluate system changes and their effect on system risk posture.
  • Assist with maintaining and updating system security documentation, including SSPs, POA&Ms, and security control evidence.
  • Perform routine security reviews, vulnerability tracking, and control assessments.
  • Help evaluate system categorization and control selection in alignment with FIPS 199 and NIST RMF guidelines.
  • Coordinate with technical teams to gather security evidence and ensure continuous monitoring requirements are met.
  • Track and report on security risks, remediation progress, and compliance status.
  • Support preparation for audits, assessments, and internal security reviews.
  • Participate in the system lifecycle process by integrating NIST 800‑37 Risk Management Framework (RMF) activities into appropriate phases.
  • Conduct risk and vulnerability assessments related to system architecture changes.

Required qualifications to be successful in this role:

  • Due to government contract and clearance requirements, U.S. citizenship is required, along with successful completion of a CGI background check.
  • Candidates must be able to obtain and maintain a DHS CISA EOD/Public Trust clearance.
  • Bachelor's degree and up to five years of experience supporting cybersecurity teams for enterprise cybersecurity shared services programs or cloud programs.
  • Experience with continuous monitoring for moderate- and high‑impact systems.
  • Working knowledge of the following NIST Special Publications 800‑series:
    • 800‑37 (Risk Management Framework)
    • 800‑53 (Security & Privacy Controls)
    • 800‑18 (System Security Plans)
    • 800‑30 (Risk Assessment)
    • 800‑137 (Continuous Monitoring)
  • Knowledge of Federal Information Processing Standards (FIPS), especially FIPS 199 (Security Categorization).
  • If no NIST experience, working knowledge of the DoD Information Technology Security Certification and Accreditation Process (DITSCAP) or DoD Information Assurance policy 8500.1 and the RMF.
  • If no NIST or DITSCAP experience, working knowledge of NSA Information Assurance processes.
  • Understanding of IT security principles, concepts, policies, and regulations.
  • Ability to effectively document security controls.
  • Proficiency with Microsoft Word, Excel, and Microsoft Project.

Desired qualifications:

  • Prior experience supporting an ISSO or security compliance team.
  • Experience with continuous monitoring and cATO activities.
  • Familiarity with security tools such as vulnerability scanners, SIEM platforms, or configuration management solutions.
  • Exposure to cloud environments (AWS, Azure, or GCP) and related security requirements.
  • Understanding of FedRAMP, FISMA, or agency‑specific compliance frameworks.
  • Technical background supporting interpretation of control implementations or system architecture.
  • Experience with CISA's Continuous Diagnostics and Mitigation (CDM) program.

Compensation:

The estimated compensation range for this role in the U.S. is $79,600.00 - $194,000.00.

Benefits:

CGI Federal's benefits include:

  • Competitive compensation
  • Comprehensive insurance options
  • Matching contributions through the 401(k) plan and the share purchase plan
  • Paid time off for vacation, holidays, and sick time
  • Paid parental leave
  • Learning opportunities and tuition assistance
  • Wellness and well-being programs

#CGIFederalJob #LI-MC3 #DHSCareers

Skills:

  • English
  • Information Assurance
  • NIST
  • Security Architecture
  • Technical Writing

What you can expect from us:

Together, as owners, let's turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect, and belonging. You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction.

Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our team—one of the largest IT and business consulting services firms in the world.

CGI Federal is an Equal Opportunity Employer. CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email USEmployment[email protected]. Please reference the Position ID.

We make it easy to translate military experience and skills! Click here (https://cgi-veterans.jobs/) to be directed to our site that is dedicated to veterans and transitioning service members.

All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. Dependent upon role and/or federal government security clearance requirements, and in accordance with applicable laws, some background investigations may include a credit check. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances.

CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.