Today
Secret
Unspecified
CI Polygraph
IT - Hardware
Houston, TX (On-Site/Office)
Position Description:
We are seeking a highly experienced and hands-on Security and Infrastructure Manager to lead the planning, execution, and day-to-day operations of our IT security and infrastructure functions. This role bridges leadership and technical execution, combining strategic planning with tactical delivery of cybersecurity initiatives. The successful candidate will drive implementation of best-in-class security tools and practices while maintaining stable and scalable infrastructure.
This position will focus heavily on Microsoft Azure cloud infrastructure, Microsoft 365/O365 tenant governance, Microsoft Defender XDR for threat protection, and Microsoft Purview for data loss prevention, data privacy, and regulatory compliance. The ideal candidate will also be responsible for managing EDR/XDR/SIEM platforms, configuring SASE/Zero Trust solutions, and ensuring adherence to SOX and NIST CSF 2.0 frameworks.
Core Responsibilities
Lead the design, deployment, and administration of secure Microsoft Azure infrastructure, including network security groups (NSGs), virtual networks, Azure Firewall, Bastion, App Gateways, and Defender for Cloud.
Own tenant-wide governance and administration of Microsoft 365/O365 platforms including Exchange Online, SharePoint, OneDrive, and Microsoft Teams with a focus on policy enforcement, content protection, and secure collaboration.
Configure and manage Microsoft Defender XDR, including Defender for Endpoint, Identity, Cloud Apps, and Office 365, ensuring effective detection, prevention, and response to threats.
Manage Microsoft Purview deployment to support Data Loss Prevention (DLP), Insider Risk Management, data classification, sensitivity labeling, and AI governance policies.
Architect and administer SASE and Zero Trust Network Access solutions for identity-aware secure access to cloud and internal applications.
Lead and execute security incident response efforts, integrating signals from SIEM/EDR platforms. Coordinate root cause analysis and remediation of incidents.
Support vulnerability management, patch deployment, GPO hardening, endpoint protection, and change reviews for production systems.
Review access control requests and enforce policy-based RBAC using Microsoft Entra ID. Manage identity governance including MFA, provisioning, and periodic access certification.
Ensure the companys cybersecurity posture meets compliance standards, particularly SOX IT General Controls and NIST CSF 2.0. Document controls and maintain audit readiness.
Respond to infrastructure-related escalations including outages, backups, connectivity failures, remote access provisioning, endpoint support, and application-level access issues.
Review and respond to internal ITSM tickets related to access, endpoint health, firewall rules, application installations, and user provisioning/deprovisioning.
Continuously monitor security event notifications and investigate correlated alerts across security monitoring and management tools.
Required Qualifications
Minimum 7 years of experience in cybersecurity, infrastructure management, or IT operations, with at least 3 years in a senior technical or management role.
Extensive experience managing Microsoft Azure IaaS/PaaS environments, including infrastructure hardening, policy enforcement, and cost/resource optimization.
Advanced proficiency with Microsoft 365/O365 administration, including security, compliance, collaboration, and retention capabilities.
Hands-on experience with Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps), and Microsoft Intune.
Proven success implementing and maintaining Microsoft Purview DLP, Insider Risk, data classification, and AI data privacy controls.
Strong knowledge and configuration experience with firewalls and secure remote access technologies such as Cisco ASA, Palo Alto, SonicWall, or Fortinet.
Direct experience with SASE solutions and Zero Trust frameworks
Familiarity with compliance frameworks such as SOX and NIST CSF 2.0 and NERC CIP.
Experience preparing for and responding to internal and external audits.
Relevant certifications such as AZ-500, SC-200, CISSP, CISM, CCSP, or vendor certifications from Microsoft, Zscaler, Palo Alto, etc.
#LI-SG2
Other Information:
CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. To support the ability to reward for merit-based performance, CGI typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $69,700.00 - $172,600.00.
CGIs benefits are offered to eligible professionals on their first day of employment to include:
Competitive compensation
Comprehensive insurance options
Matching contributions through the 401(k) plan and the share purchase plan
Paid time off for vacation, holidays, and sick time
Paid parental leave
Learning opportunities and tuition assistance
Wellness and Well-being programs
Skills:
What you can expect from us:
Together, as owners, lets turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, youll reach your full potential because
You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.
Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our teamone of the largest IT and business consulting services firms in the world.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status or responsibilities, reproductive health decisions, political affiliation, genetic information, height, weight, or any other legally protected status or characteristics to the extent required by applicable federal, state, and/or local laws where we do business.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at US_Employment_Compliance@cgi.com . You will need to reference the Position ID of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a Position ID will not be returned.
We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. Dependent upon role and/or federal government security clearance requirements, and in accordance with applicable laws, some background investigations may include a credit check. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGIs legal duty to furnish information.
We are seeking a highly experienced and hands-on Security and Infrastructure Manager to lead the planning, execution, and day-to-day operations of our IT security and infrastructure functions. This role bridges leadership and technical execution, combining strategic planning with tactical delivery of cybersecurity initiatives. The successful candidate will drive implementation of best-in-class security tools and practices while maintaining stable and scalable infrastructure.
This position will focus heavily on Microsoft Azure cloud infrastructure, Microsoft 365/O365 tenant governance, Microsoft Defender XDR for threat protection, and Microsoft Purview for data loss prevention, data privacy, and regulatory compliance. The ideal candidate will also be responsible for managing EDR/XDR/SIEM platforms, configuring SASE/Zero Trust solutions, and ensuring adherence to SOX and NIST CSF 2.0 frameworks.
Core Responsibilities
Lead the design, deployment, and administration of secure Microsoft Azure infrastructure, including network security groups (NSGs), virtual networks, Azure Firewall, Bastion, App Gateways, and Defender for Cloud.
Own tenant-wide governance and administration of Microsoft 365/O365 platforms including Exchange Online, SharePoint, OneDrive, and Microsoft Teams with a focus on policy enforcement, content protection, and secure collaboration.
Configure and manage Microsoft Defender XDR, including Defender for Endpoint, Identity, Cloud Apps, and Office 365, ensuring effective detection, prevention, and response to threats.
Manage Microsoft Purview deployment to support Data Loss Prevention (DLP), Insider Risk Management, data classification, sensitivity labeling, and AI governance policies.
Architect and administer SASE and Zero Trust Network Access solutions for identity-aware secure access to cloud and internal applications.
Lead and execute security incident response efforts, integrating signals from SIEM/EDR platforms. Coordinate root cause analysis and remediation of incidents.
Support vulnerability management, patch deployment, GPO hardening, endpoint protection, and change reviews for production systems.
Review access control requests and enforce policy-based RBAC using Microsoft Entra ID. Manage identity governance including MFA, provisioning, and periodic access certification.
Ensure the companys cybersecurity posture meets compliance standards, particularly SOX IT General Controls and NIST CSF 2.0. Document controls and maintain audit readiness.
Respond to infrastructure-related escalations including outages, backups, connectivity failures, remote access provisioning, endpoint support, and application-level access issues.
Review and respond to internal ITSM tickets related to access, endpoint health, firewall rules, application installations, and user provisioning/deprovisioning.
Continuously monitor security event notifications and investigate correlated alerts across security monitoring and management tools.
Required Qualifications
Minimum 7 years of experience in cybersecurity, infrastructure management, or IT operations, with at least 3 years in a senior technical or management role.
Extensive experience managing Microsoft Azure IaaS/PaaS environments, including infrastructure hardening, policy enforcement, and cost/resource optimization.
Advanced proficiency with Microsoft 365/O365 administration, including security, compliance, collaboration, and retention capabilities.
Hands-on experience with Microsoft Defender XDR (Endpoint, Identity, Office 365, Cloud Apps), and Microsoft Intune.
Proven success implementing and maintaining Microsoft Purview DLP, Insider Risk, data classification, and AI data privacy controls.
Strong knowledge and configuration experience with firewalls and secure remote access technologies such as Cisco ASA, Palo Alto, SonicWall, or Fortinet.
Direct experience with SASE solutions and Zero Trust frameworks
Familiarity with compliance frameworks such as SOX and NIST CSF 2.0 and NERC CIP.
Experience preparing for and responding to internal and external audits.
Relevant certifications such as AZ-500, SC-200, CISSP, CISM, CCSP, or vendor certifications from Microsoft, Zscaler, Palo Alto, etc.
#LI-SG2
Other Information:
CGI is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. To support the ability to reward for merit-based performance, CGI typically does not hire individuals at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $69,700.00 - $172,600.00.
CGIs benefits are offered to eligible professionals on their first day of employment to include:
Competitive compensation
Comprehensive insurance options
Matching contributions through the 401(k) plan and the share purchase plan
Paid time off for vacation, holidays, and sick time
Paid parental leave
Learning opportunities and tuition assistance
Wellness and Well-being programs
Skills:
- Compliance
- Firewalls
- Leadership
- Network Security
What you can expect from us:
Together, as owners, lets turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, youll reach your full potential because
You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.
Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our teamone of the largest IT and business consulting services firms in the world.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, pregnancy, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status or responsibilities, reproductive health decisions, political affiliation, genetic information, height, weight, or any other legally protected status or characteristics to the extent required by applicable federal, state, and/or local laws where we do business.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at US_Employment_Compliance@cgi.com . You will need to reference the Position ID of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a Position ID will not be returned.
We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. Dependent upon role and/or federal government security clearance requirements, and in accordance with applicable laws, some background investigations may include a credit check. CGI will consider for employment qualified applicants with arrests and conviction records in accordance with all local regulations and ordinances.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGIs legal duty to furnish information.
group id: 10115792
Work With Purpose
