Information Systems Security Representative (ISSR)...

CGI Federal is seeking a Senior Information Systems Security Representative (ISSR) to support a major federal mission. The Senior ISSR serves as a key security compliance lead responsible for ensuring controlled systems are authorized, operated, and maintained in accordance with federal policy, NIST guidance, and established Security Assessment and Authorization (SAA) requirements. This role works closely with system owners, ISSOs, ISSEs, assessors, and Authorizing Officials to ensure security documentation is accurate, risks are well understood, and systems maintain continuous compliance.

Your future duties and responsibilities:

• Ensure controlled systems operate in accordance with approved SAA/ATO requirements and agency security policies.

• Lead SAA/ATO activities for new systems, legacy system onboarding, and systems migrating into the GRC platform.

• Guide system owners on categorization, baseline control selection, authorization boundary definition, and impact level assessments.

• Coordinate creation and maintenance of system entries within GRC tools, ensuring categorizations and metadata are accurate.

• Review SSPs and other security documentation for completeness, accuracy, and alignment with federal requirements.

• Determine assessment requirements, coordinate testing activities, and support security control assessments.

• Compile and submit complete authorization packages to the Authorizing Official.

• Advise AO stakeholders on system vulnerabilities, residual risks, and recommended actions.

• Oversee POA&M tracking, remediation, and retesting.

• Support event-driven reauthorization and coordinate secure system decommissioning with ISSOs, ISSEs, and system owners.

• Active Top Secret clearance with SCI eligibility.

• U.S. Citizenship required due to the nature of the contract.

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related discipline (advanced degree preferred).

• 10+ years of professional IT or cybersecurity experience, including substantial senior-level responsibilities.

• 7+ years of direct ISSR or A&A/SAA experience supporting cleared federal environments.

• Demonstrated leadership in RMF lifecycle execution, SAA/ATO process management, and security governance.

• In-depth knowledge of NIST guidance, security authorization processes, and federal cybersecurity compliance frameworks.

• Proven ability to work with Authorizing Officials, senior stakeholders, and diverse technical teams.

• Strong analytical, documentation, communication, and mentoring skills.

Preferred Certifications

• CISSP

• CISSP-ISSEP or CISSP-ISSAP

• CASP+ CE

• GISP

• CSSLP

• Other certifications meeting DoD 8570/8140 IAM-II/IAM-III requirements

Technical Familiarity

• Vulnerability and assessment tools such as ACAS/Nessus, Tenable SecurityCenter, and SCAP-based tools.

• GRC platforms (e.g., Xacta, JCAM, or equivalent).

• SIEM and data-activity monitoring solutions (e.g., Guardium, Splunk).

• Web application and network scanning tools (e.g., WebInspect, NMAP).

• Familiarity with ATO workflow systems used by federal law-enforcement and national-security agencies.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction. Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team-one of the largest IT and business consulting services firms in the world.