Position Description:
At CGI, you’ll play a pivotal role in safeguarding a highly secure platform that underpins critical client operations. As a senior security professional, you’ll help shape resilient, compliant environments where robust engineering and smart automation protect what matters most. Working at the forefront of cyber security, you’ll influence outcomes, strengthen trust, and enable innovation across complex, mission-critical systems. We empower our people to take ownership, think creatively about security challenges, and thrive within a supportive, collaborative culture—giving you the space to make a meaningful, lasting impact while advancing your career.
CGI was recognised in the Sunday Times Best Places to Work List and has been named a UK ‘Best Employer’ by the Financial Times. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you’ll be part of an open, friendly community of experts. We’ll train and support you in taking your career wherever you want it to go.
Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. This is a hybrid position.
Your future duties and responsibilities:
In this role, you will take ownership of platform security for a highly secure, on-site client environment. You will work hands-on across endpoint protection, vulnerability management, system hardening, and compliance, ensuring the platform meets stringent security and assurance standards. Collaborating closely with DevOps and Platform Engineering teams, you will help embed security into day-to-day operations, balancing resilience, usability, and innovation.
You will act as a trusted security authority, confidently communicating risk and progress to stakeholders, while being supported by experienced colleagues and proven delivery frameworks that enable you to do your best work.
Key responsibilities include:
> Lead & Protect: Operate and manage endpoint protection tooling, monitoring alerts and responding to security incidents.
> Assess & Remediate: Run vulnerability scans, prioritise risks, coordinate fixes, and validate remediation outcomes.
> Harden & Secure: Enforce secure baseline configurations and reduce configuration drift across systems.
> Assure & Comply: Support audits, maintain evidence, and track compliance against recognised security frameworks.
> Report & Influence: Produce clear security reports and provide actionable recommendations to stakeholders.
> Automate & Improve: Embed security into CI/CD pipelines and automate patching and compliance checks where possible.
Required qualifications to be successful in this role:
You will bring strong experience operating as a security or DevSecOps engineer within highly secure environments, with the confidence to take ownership of security outcomes while working collaboratively across teams. You should be comfortable operating hands-on, balancing technical depth with clear communication.
You should have:
> Extensive experience in security engineering, DevSecOps, or platform security roles.
> Strong hands-on expertise with enterprise endpoint protection solutions and vulnerability management tooling.
> Proven experience using Tenable Nessus Agent for scanning, assessment, and remediation workflows.
> Solid background in Windows system hardening and secure configuration.
> Experience supporting audits and working with security frameworks such as ISO, NIST, or CIS.
> The ability to communicate security risk effectively to both technical and non-technical audiences.
#LI-JS2
Skills:
1. Nessus
2. Trend Micro Antivirus
3. Security Infrastructure Supprt