CGI Technologies and Solutions, Inc. Director of Information Security in Atlanta, Georgia

Director of Information Security

CGI-experience the commitment

Find similar career opportunities

Category:Information Technology

City:Atlanta, Georgia, United States

Position ID:J0416-1800

Employment Type:Full Time

Meet our professionals

CGI: An employer of choice

Position Description:

CGI is looking for a seasoned security professional that will operate as the Information Security subject matter expert (SME) for CGI’s Industry Solutions group serving public sector entities across both state and local jurisdictions. The candidate will act as a trusted advisor and partner to the management team to identify, assess, and mitigate enterprise security risks. The candidate will drive the implementation and compliance with corporate information security standards. Also, the candidate will help bridge the gap between technical security implementation and the business by actively engaging the business in efficiency and risk-based decision making during sales and delivery functions for both internal stakeholders and external clients, who function in complex governmental regulatory environments.


1) Business Strategies and C-Level Interaction: During the sales process, engage with key internal and external stakeholders to provide critical perspective and guidance on delivery strategies to meet client security requirements. Help ensure that CGI understands the full commitment required to support client requirements and which security and privacy frameworks are relevant to the engagement(s).

2) Security Program Development: Maintain a comprehensive information security and privacy program, delivering security strategy, policies, procedures, communications, and training.

2a) Work with system and control owners to develop and maintain a remediation plan with milestones and dependencies.

3) Security Compliance Audits: Support personnel involved in control assessments performed by auditors through validation of auditor findings, issuance of draft responses to findings, and identification of required evidence to support closure of findings.

4) Enterprise Risk Management: Apply risk-based control framework to identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.

5) Secure Application Development Support: Provide guidance on the development, deployment, and configuration of CGI solutions and infrastructure services being deployed to verify solution meets or exceeds contractual control requirements.

6) Security Process Optimization: Assist in the selection and tailoring of approaches, methods, and tools to support prioritization and remediation of identified control deficiencies.

6a) Stay abreast of the latest information security and privacy laws, regulations, and best practices that impact state and local governments and provide security solutions, strategies, oversight, and audit of solutions and operations to meet these clients' requirements.

6b) Establish and maintain relationships and partnerships with security vendors and organizations, collaborate with other security groups within CGI, and represent CGI at security and privacy conferences/events as required.

Candidate should have 10-15 years of experience in security practices and be certified for audits, either CISSP, CISA, CISM, or equivalent designation. Ideal candidate will also have 5-7 years of experience in the public sector.

Additional experience:

Deep understanding of the enterprise information security and data protection and privacy architecture discipline, processes, concepts, and best practices and the effective implementation thereof -- 10-15 years

Demonstrated understanding and implementation of established IT frameworks and methodologies and security standards, particularly in the context of cloud computing, including but not limited to:

• National Institute of Standards and Technology (NIST) 800 series

• International Organization for Standardization (ISO) 27000 series

• Payment Card Industry Data Security Standard (PCI DSS)

• Health Insurance Portability and Accountability Act (HIPAA)

• Federal Information Security Management Act (FISMA)

• Sarbanes Oxley Act (SOX)

• Statement on Standards for Attestation Engagements 16 (SSAE 16)

• Internal Revenue Service (IRS)"

Excellent written and verbal communications and presentation skills with ability to articulate complex technical ideas to non-technical stakeholders, including C-Level executives, so that the candidate can take an active role during the sales process with clients as well as participate internally with stakeholders of all disciplines -- 7-10 years

Demonstrated ability to work effectively with a team, delivering high performance and customer satisfaction, in a culturally diverse, matrixed management, and remote environment - 5-10 years

Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors, and clients - 5-10 years

Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives - 5-10 years

Ability to manage multiple priorities – projects, deliverables, and stakeholders - 5-10 years

Knowledge of technological trends and developments in the area of information security and risk management - 7-10 years

Strong affinity with technology and an interest in the wider implications of technology - 5-7 years

A minimum of 5-7 years of experience leading comparable information risk, security and governance teams, transforming functions and changing culture

Significant experience with outsourced and cloud models, and the appropriate contract and vendor negotiations - 5-7 years

Willingness and ability to learn CGI's application(s) and working with the product and delivery teams to advise on the most suitable, cost effective means to address requisite compliance

Degree in computer science, engineering, mathematics, or related field of study or equivalent experience

What you can expect from us:

At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 65,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. Come grow with us. Learn more at

This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.

We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted.

No unsolicited agency referrals please.

All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary depending upon specific assignment, or upon any US government security clearance if required. Qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, gender Identity, sexual orientation, national origin, age, disability, veteran status, pregnancy, or other status protected by law. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI’s legal duty to furnish information.


  • Security

Referral First name*

Referral Last name*

Referrer E-Mail*

By checking this box you agree to allow us to contact the individual listed above about your referral and that the referral meets eligibility criteria.

Are you interested in this job?

In the US, CGI is committed to a policy of equal employment opportunity. We recruit, employ, train, compensate, and promote without regard to race, ancestry, color, sex, religion, age, national origin, citizenship status, disability, protected veteran status, marital status, sexual orientation or perceived sexual orientation, gender identity, familial status, political affiliation, or any other classification protected by state or federal law.

CGI is committed to the principles of equal employment opportunity and to compliance with US laws and regulations. Click here at to access our US EEO/Affirmative action policy.

Applicants have rights under Federal Employment Laws:

  1. EPPA at

  2. FMLA at

  3. Consolidated EEO Is The Law at

If you need an accommodation in order to complete the application process, click here at .

We make it easy to translate military experience and skills! Click here at to be directed to our site that is dedicated to veterans and transitioning service members.