The Information Security Analyst will play a key role in enhancing the organization’s global risk, compliance, and security governance posture. The role focuses on supporting vulnerability and risk management, security audits, incident response coordination, and business continuity planning. This is not a SOC monitoring position; instead, the analyst will collaborate with stakeholders to ensure that security frameworks, compliance requirements, and continuity plans are effectively implemented and maintained across the organization.
Experience Required: 5–7 years in Information Security, Risk, or Compliance functions
• Support Security Business Partners in delivering governance, risk, and compliance initiatives.
• Conduct risk assessments, vulnerability tracking, and remediation follow-ups.
• Coordinate security audits (internal and external), ensuring evidence collection and compliance reporting.
• Assist in developing, testing, and maintaining Business Continuity Plans (BCP) and Disaster Recovery (DR) exercises to ensure organizational resilience.
• Collaborate with technical and business teams during incident response, focusing on process coordination.
• Prepare reports, dashboards, and documentation to support compliance, audit readiness, and executive reporting.
• Contribute to security awareness and compliance training initiatives across the enterprise.
• Align security processes with frameworks such as NIST, ISO 27001, CIS Controls, and relevant regulatory requirements.
What We’re Looking For
• Governance & Risk Competencies: Understanding of information security principles, GRC frameworks (ISO 27001, NIST, CIS, PCI-DSS), and risk assessment methodologies.
• Business Continuity & Compliance: Familiarity with BCP/DR planning, testing, and integration into risk management and audit functions.
• Technical Awareness (not SOC-heavy): Exposure to cybersecurity concepts, SIEM, firewalls, and vulnerability management tools, with the ability to work alongside SOC/technical teams.
• Preferred Skills: Awareness of cloud security principles, regulatory requirements, and emerging technologies like AI in compliance and resilience contexts.
• Soft Skills: Strong communication, analytical problem-solving, and ability to translate security and risk concepts for diverse business stakeholders.
• Bachelor’s in engineering/Science, Computer Science, Cybersecurity, or related field (Master’s preferred).
• Certifications such as ISO27001, CISA, CISSP, CISSP, or BCP/DR-related certifications (e.g., CBCP, ISO 22301 Lead Implementer) are a plus.
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team—one of the largest IT and business consulting services firms in the world.