CGI has an immediate need for an Dev Sec Ops Engineer to join our team. This is an exciting opportunity to work in a fast-paced team environment supporting one of the largest customers. We take an innovative approach to supporting our client, working side-by-side in an agile environment using emerging technologies.
This position can be located remotely anywhere in the U.S.
We partner with 15 of the top 20 banks globally, and our top 10 banking clients have worked with us for an average of 26 years!
We have over 92,000+ CGI Members in 40 countries and over 5k+ loyal Clients who are leveraging our end-to-end services across the globe.
The Cyber Security Dev Sec Ops Engineer will be responsible for ensuring a strong internal control environment through the static code analysis for vulnerabilities and threat detection on applications hosted on AWS environments
Key Responsibilities:
Tweak and tune rules to ensure optimal in-line and out-of-band security controls.
Lead and communicate effectively with stakeholders, even without prior experience.
Understand and apply OWASP Top 10 principles.
Implement and manage Application Security Testing (AST) frameworks (e.g., SAST, DAST, SCA, SBOM, Serverless).
Understand information security principles and application security fundamentals.
Manage and secure AWS services including WAF, ALB, CloudFront, CloudFormation, ECS, EC2, S3, SQS, RDS, SSL/ACP, CloudTrail, Kinesis , and more.
Use AWS SDKs (Java, Boto3 for Python) and CLI tools to automate and manage cloud infrastructure.
Implement and manage CI/CD pipelines using Jenkins .
Use version control systems like BitBucket and Git .
Monitoring and Reporting
Utilize tools like Postman and Burp (or other proxy tools) for testing and debugging.
8 -10 years of total IT experience with the following must haves:
6 years Experience in Cyber Security field
SAST- Application security - Static code Analysis
Third party open source vulnerabilities - Software composition analysis/SCA
DAST -Pen test/Dynamic Application security
Experienced with container scanning
Experience in Cloud Security
Experienced in API se
Develop and manage Splunk queries, dashboards, and lookup tables.
Collaboration Tools:
Use Jira and Confluence for project and documentation management.
Security Tools: curity
Experience with application security testing frameworks and security controls.
Proficient in using AWS services and related SDKs and CLI tools.
Software development experience in Java and Python.
Knowledge of CI/CD tools like Jenkins and version control systems like BitBucket and Git.k
Works well with application team
Web Application Firewall Management:
Expertise in AWS WAF and Cloudflare .
Leadership and Communication
Proficient in answering scenario-based questions and navigating updates, risks, and issues to leadership.
Application Security
AWS Cloud Services
Software Development
Experience in programming with languages like Java and Python
CI/CD and Version Control
Education:
B.S. or M.S. in Computer Science, Information Systems, Statistics, Finance or related field
CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. To support the ability to reward for merit-based performance, CGI typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $84,000.00 - $186,000.00.
Benefits
CGI’s benefits are offered to eligible professionals on their first day of employment to include:
•Competitive compensation including profit participation program
•Comprehensive medical, dental, and vision benefits
•Basic life and accidental death & dismemberment insurance
•Matching contributions through 401(k) plan, and CGI share purchase plan
•Flexibility and paid accrued vacation leave, ranging from 10 to 20 days per year, based on job level, years of relevant prior experience, and years of service