Hybrid Security Architect

CGI Group, Inc.

Job Description

Hybrid Security Architect

Position Description

CGI US Global Technology Operations (GTO) needs a Security Architect who specializes in the hybrid cloud infrastructure solutions. The successful candidate will collaborate with enterprise architecture, application owners and service providers to design security and privacy controls for cloud-hosted infrastructure, platforms, and applications. CGI is growing a security practice that utilizes the Security System Development Lifecycle, Agile, and Secure DevOps methodologies to respond to threats, reduce risks, and create secure operating environments for our clients. Candidate will provide technical and analytical guidance to the enterprise architecture team, infrastructure project manager, and other technical domains across infrastructure disciplines including server hardware, networking, security, databases, and storage. Individual will direct and participate in enterprise architecture analysis, evaluation, design, integration, documentation, and delivery. This person will also provide subject matter expertise on our suite of security tools, working in concert with our Security Governance, Risk, and Compliance team. This individual should be self-motivated to drive solutions and proactively create (in sufficient detail) the documentation required to support and describe technical solutions. Finally, this individual should be able to analyze existing architectures in place (by account) to recommend improvements, help guide root cause analysis and provide architecture and design support around requested hardware/software upgrades and new service offerings. If you are an experienced cloud security architect looking to utilize critical thinking skills, who does not hesitate to question the status quo, as well as able to work with leaders and team members at all levels of the organization, across functional lines, using your analytical skills to think outside the box, then CGI has an opportunity for you.

This role can be located at any CGI office in the U.S.

Your future duties and responsibilities
- Serve as a security architecture expert
- Devise strategies to secure information assets and hybrid cloud services
- Assess public cloud service providers (IaaS, PaaS, & SaaS) for the client and industry standards compliance
- Analyze and design controls to secure on and off premises private, public, community, and hybrid cloud environments
- Support Architectural Solution Document (ASD) development that details technical specifications and configurations that enable GTO engineering to execute solution and support in steady state seamlessly (with minimal clarification). Maintain ASD accuracy through implementation into production state.
- Provide technical leadership and ownership by drafting baseline solution detail and specifications.
- Serve as GTO Security Architecture SME for proposed solutions and steady state upgrades, migrations, problem management, and innovation.
- Support the Business Engineering team in designing and solutioning new service offering requests or enhancements
- Satisfies information security requirements based upon the input from Governance, Risk and Compliance, customers, as well as personal domain knowledge of security toolsets and operational procedures.
- Plans the design, coordination, development, implementation and evaluation of security tools for an organization.
- Works to embed security architecture across the Enterprise Architecture team, mentoring non-security architects on best practices and a 'built-in, not bolted-on' security mindset.
- Utilize reference architectures that include security for public cloud and hybrid cloud deployments that enhance CGI's security strategy.

Required qualifications to be successful in this role
- 7+ years of information technology systems design and planning experience; in systems, applications, or architecture
- 5 years experience working SecaaS, Cloud Security or Third Party / Cloud Security Assessments including AWS or Azure; Or 5 years experience in cloud security and 2+ years of experience securing cloud services
- 5 years of technical writing and report generation and managing projects using a standardized set of project management principals
- Industry recognized certification in security (e.g., CISSP, CCSK,CISA, CISM, CEH, etc.)
- 5 years experience with Cloud Security vendors in the IAM, Data Protection, Monitoring and IaaS provider specific space
- 5 years experience Enterprise IT security risk assessments and related frameworks (e.g., ISO 27000 series, NIST 800 Series, COBIT, IT General Controls, etc.)
- 5 years experience conceptual knowledge of the following regulations: PCI, Sarbanes-Oxley, HIPAA, GLBA, FISMA, NIST

Skill Set - Years of Experience
Hybrid Cloud Architecture - 8
CyberSecurity - 5


Experience in IT Security Testing (e.g., penetration testing, web application security assessments, vulnerability assessments and technical security assessments
Experience in Identity and Access Management
Experience in virtualized security environments
Experience with Cloud Security vendors in the IAM, Data Protection, Monitoring and IaaS providers
Experience with Linux and Windows operating systems
Experience with application development
Proven ability to build, manage and foster a team-oriented environment
Proven ability to work creatively and analytically in a problem-solving environment
Desire to work in an information systems environment
Excellent communication (written and oral) and interpersonal skills
Excellent leadership and management skills

Minimum Education Required:

Undergraduate degree in Computer Science or MIS, or a Bachelors degree in another field with 10+ years experience in IT and Security. Bachelors Degree

Est. Salary Range (Colorado Only): $135,000-$180,000*

*Disclaimer: In accordance with Colorado's Equal Pay for Equal Work Act, effective January 1, 2021, a good faith hourly or base salary range must be posted for all positions where the work may be performed in the state of Colorado. Therefore, this good faith salary range will only apply where this described position will be performed in the state, and should not be considered the compensation range in other locations or for other positions.

At CGI we call our professionals "members" to reinforce that all who join our team are, as owners, empowered to participate in the challenges and rewards that come from building a world-class company. CGI's benefits include:
• Competitive base salaries
• Eligibility to participate in an attractive Share Purchase Plan (SPP) in which the company matches dollar-for-dollar contributions made by eligible employees, up to a maximum, for their job category
• 401(k) Plan and Profit Participation for eligible members
• Generous holidays, vacation, and sick leave plans
• Comprehensive insurance plans that include, among other benefits, medical, dental, vision, life, disability, out-of-county emergency coverage in all countries of employment;
• Back-up child care, Pet insurance, a Member Assistance Program, a 529 college savings program, a personal financial management tool, lifestyle management programs and more

Build your career with us.

It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change-supporting our clients' digital journeys and offering our professionals exciting career opportunities.

At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.

Be part of building one of the largest independent technology and business services firms in the world.

Learn more about CGI at www.cgi.com .

No unsolicited agency referrals please.

CGI is an equal opportunity employer.

Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.

CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at [Click Here to Email Your Resumé] . You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned.

We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members.

All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances.

CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.


  • Cloud architect
  • Technical Writing

Job Requirements