Cyber SME
CGI Technologies and Solutions, Inc., huntsville, al, United States
**Cyber SME**
**Category:** Cyber Security
**Main location:** United States, District of Columbia, Washington
**Alternate Location(s):** United States, Alabama, Huntsville
United States, West Virginia, Calrksburg
**Position ID:** J
**Employment Type:** Full Time
U.S. - CGI Federal roles - What we do matters ( playing this video you consent to Google/YouTube processing your data and using cookies -Learn more (xweb.asp?clid=21001&page=cookiespolicy#integrationofyoutube) .
**Position Description:**
US CITIZENSHIP AND ACTIVE TOP SECRET OR TS/SCI CLEARANCE IS REQUIRED
CGI Federal is seeking a Cyber Subject Matter Expert (CYBER SME) to serve as the program's senior cybersecurity authority supporting a major federal initiative. The CYBER SME provides expert‑level advisory support, leads enterprise security strategies, and oversees complex authorization, architecture, and risk management activities across hybrid cloud and on‑prem environments. This role requires deep mastery of federal cybersecurity frameworks, ATO lifecycle governance, modern cloud security practices, and enterprise‑scale engineering. The CYBER SME will partner closely with senior leadership, federal stakeholders, and cross‑functional technical teams to shape cybersecurity direction, enforce standards, and drive mission‑critical security outcomes.
**Your future duties and responsibilities:**
- Serve as the principal cybersecurity advisor, providing authoritative guidance on secure architectures, risk management, and governance.
- Lead enterprise‑wide RMF and ATO strategies, including development, assessment, and approval of SSPs, CMPs, IRPs, ISCPs, ISAs, POA&Ms, and continuous monitoring artifacts.
- Provide strategic direction on cloud adoption, network design, and engineering decisions influencing security posture.
- Direct vulnerability management programs using STIG, SCAP, ACAS, and complementary federal assessment frameworks; ensure timely remediation of high‑risk findings.
- Define and maintain cybersecurity policies, standards, and governance models aligned with federal requirements and agency‑specific directives.
- Conduct advanced cyber risk assessments and develop mitigation strategies for complex, multi‑cloud or hybrid enterprise systems.
- Lead security impact assessments and configuration/change control reviews for major system modifications.
- Mentor and advise Junior, Mid‑Level, and Senior ISSOs; act as the escalation point for advanced RMF, architecture, and compliance issues.
- Represent the program's security posture in executive briefings, audits, interagency discussions, and high‑visibility working groups.
- Provide expert input into modernization, cloud transformation, DevSecOps integration, and enterprise resilience initiatives.
**Required qualifications to be successful in this role:**
- Bachelor's degree in Cybersecurity, Information Technology, Engineering, or related field (Master's preferred).
- 10+ years of progressive cybersecurity or IT experience, including senior‑level technical leadership or SME responsibility.
- Active Top Secret or TS/SCI clearance.
- Demonstrated mastery of:
- NIST Risk Management Framework (RMF)
- ATO lifecycle strategy, adjudication, and governance
- Executive‑level POA&M management
- STIG/SCAP/ACAS vulnerability frameworks
- Continuous monitoring governance and reporting
- Proven ability to lead multidisciplinary cybersecurity, engineering, and compliance teams.
- Exceptional communication skills suited for senior stakeholders, program leadership, and executive audiences.
Preferred Certifications
Strongly Preferred:
- CISSP
- CISM
- CCSP
Additional Highly Valuable Certifications:
- CASP+ CE
- CCNP Security
- CISA
- GCIH
- GCED
- Other senior‑level DoD 8140/8570 IAM/IASAE certifications
Technical Mastery
- Expert‑level proficiency with STIG, SCAP, ACAS, Tenable, and federal vulnerability management tools.
- Deep understanding of secure cloud architectures (AWS, Azure, multi‑cloud), including control inheritance and boundary design.
- Experience with DevSecOps, CI/CD pipelines, and security automation/orchestration tools.
- Familiarity with SAST/DAST tools and automated testing frameworks.
- Ability to evaluate and influence system and network architectures for compliance, resilience, performance, and risk reduction.
Due to the nature of this government contract, US Citizenship is required.
\#CGIFederalJob
\#LI-DD1
**Skills:**
+ Information Security Mgmt
**What you can expect from us:**
**Together, as owners, let's turn meaningful insights into action.**
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because...
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction.
Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team-one of the largest IT and business consulting services firms in the world.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status or responsibilities, reproductive health decisions, political affiliation, genetic information, height, weight, or any other legally protected status or characteristics to the extent required by applicable federal, state, and/or local laws where we do business.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at . You will need to reference the Position ID of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. **Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a Position ID will not be returned.**
We make it easy to translate military experience and skills! Clickhere ( to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. Dependent upon role and/or federal government security clearance requirements, and in accordance with applicable laws, some background investigations may include a credit check. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.
**Category:** Cyber Security
**Main location:** United States, District of Columbia, Washington
**Alternate Location(s):** United States, Alabama, Huntsville
United States, West Virginia, Calrksburg
**Position ID:** J
**Employment Type:** Full Time
U.S. - CGI Federal roles - What we do matters ( playing this video you consent to Google/YouTube processing your data and using cookies -Learn more (xweb.asp?clid=21001&page=cookiespolicy#integrationofyoutube) .
**Position Description:**
US CITIZENSHIP AND ACTIVE TOP SECRET OR TS/SCI CLEARANCE IS REQUIRED
CGI Federal is seeking a Cyber Subject Matter Expert (CYBER SME) to serve as the program's senior cybersecurity authority supporting a major federal initiative. The CYBER SME provides expert‑level advisory support, leads enterprise security strategies, and oversees complex authorization, architecture, and risk management activities across hybrid cloud and on‑prem environments. This role requires deep mastery of federal cybersecurity frameworks, ATO lifecycle governance, modern cloud security practices, and enterprise‑scale engineering. The CYBER SME will partner closely with senior leadership, federal stakeholders, and cross‑functional technical teams to shape cybersecurity direction, enforce standards, and drive mission‑critical security outcomes.
**Your future duties and responsibilities:**
- Serve as the principal cybersecurity advisor, providing authoritative guidance on secure architectures, risk management, and governance.
- Lead enterprise‑wide RMF and ATO strategies, including development, assessment, and approval of SSPs, CMPs, IRPs, ISCPs, ISAs, POA&Ms, and continuous monitoring artifacts.
- Provide strategic direction on cloud adoption, network design, and engineering decisions influencing security posture.
- Direct vulnerability management programs using STIG, SCAP, ACAS, and complementary federal assessment frameworks; ensure timely remediation of high‑risk findings.
- Define and maintain cybersecurity policies, standards, and governance models aligned with federal requirements and agency‑specific directives.
- Conduct advanced cyber risk assessments and develop mitigation strategies for complex, multi‑cloud or hybrid enterprise systems.
- Lead security impact assessments and configuration/change control reviews for major system modifications.
- Mentor and advise Junior, Mid‑Level, and Senior ISSOs; act as the escalation point for advanced RMF, architecture, and compliance issues.
- Represent the program's security posture in executive briefings, audits, interagency discussions, and high‑visibility working groups.
- Provide expert input into modernization, cloud transformation, DevSecOps integration, and enterprise resilience initiatives.
**Required qualifications to be successful in this role:**
- Bachelor's degree in Cybersecurity, Information Technology, Engineering, or related field (Master's preferred).
- 10+ years of progressive cybersecurity or IT experience, including senior‑level technical leadership or SME responsibility.
- Active Top Secret or TS/SCI clearance.
- Demonstrated mastery of:
- NIST Risk Management Framework (RMF)
- ATO lifecycle strategy, adjudication, and governance
- Executive‑level POA&M management
- STIG/SCAP/ACAS vulnerability frameworks
- Continuous monitoring governance and reporting
- Proven ability to lead multidisciplinary cybersecurity, engineering, and compliance teams.
- Exceptional communication skills suited for senior stakeholders, program leadership, and executive audiences.
Preferred Certifications
Strongly Preferred:
- CISSP
- CISM
- CCSP
Additional Highly Valuable Certifications:
- CASP+ CE
- CCNP Security
- CISA
- GCIH
- GCED
- Other senior‑level DoD 8140/8570 IAM/IASAE certifications
Technical Mastery
- Expert‑level proficiency with STIG, SCAP, ACAS, Tenable, and federal vulnerability management tools.
- Deep understanding of secure cloud architectures (AWS, Azure, multi‑cloud), including control inheritance and boundary design.
- Experience with DevSecOps, CI/CD pipelines, and security automation/orchestration tools.
- Familiarity with SAST/DAST tools and automated testing frameworks.
- Ability to evaluate and influence system and network architectures for compliance, resilience, performance, and risk reduction.
Due to the nature of this government contract, US Citizenship is required.
\#CGIFederalJob
\#LI-DD1
**Skills:**
+ Information Security Mgmt
**What you can expect from us:**
**Together, as owners, let's turn meaningful insights into action.**
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because...
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction.
Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team-one of the largest IT and business consulting services firms in the world.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status or responsibilities, reproductive health decisions, political affiliation, genetic information, height, weight, or any other legally protected status or characteristics to the extent required by applicable federal, state, and/or local laws where we do business.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at . You will need to reference the Position ID of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. **Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a Position ID will not be returned.**
We make it easy to translate military experience and skills! Clickhere ( to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. Dependent upon role and/or federal government security clearance requirements, and in accordance with applicable laws, some background investigations may include a credit check. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.