Manager, Global SOC Log Analytics & Cloud Support

Position Description:

The CGI Global Security Operations Center (GSOC) is responsible for security monitoring threat detection and incident response. Leveraging continuous real-time threat intelligence and advanced technology platforms the GSOC works to proactively safeguard CGI and its clients against evolving cyber threats.

As the manager of GSOC Log Analytics & Cloud Support Manager within the CGI Global Security Operations Center (GSOC) you will lead a team of dedicated security application support experts responsible for the engineering delivery operation and ongoing support of both on-premises and cloud-based security platforms. Your team will manage the integration of these platforms with a wide range of existing and emerging IT and security solutions. In collaboration with CGIs internal infrastructure service providers you will ensure the continuous availability performance and scalability of GSOCs core security technology platforms.

This role is critical to enabling other teams to be effective with threat detection incident response and overall security operations across the enterprise.

Your future duties and responsibilities:

The GSOC Log Analytics & Cloud Support Manager is responsible for delivery support and evolution of Security Log Analytics & Cloud solutions as follows:
Security Technology Engineering & Innovation
Provide strategic and technical leadership in the design deployment and evolution of GSOCs on-prem and cloud-based SIEM and log analytics platforms.
Provide thought leadership in the evaluation of emerging technologies and vendor solutions by contributing to technical and functional requirements architectures designs business cases and project planningdriving innovation through prototyping experimentation and agile implementation cycles.
Translate security operational and business requirements into scalable reliable and secure platform designs and lead the team in delivering production-ready systems (emphasizing automation resilience and observability) while ensuring full operational readiness through comprehensive documentation of build procedures configurations access controls monitoring and incident response processes.
Embed SRE principles into platform architecture and engineering focusing on service-level indicators (SLIs) objectives (SLOs) and error budgets to guide platform improvements.
Champion modern engineering practices including infrastructure as code (IaC) CI/CD pipelines and automated testing to drive speed consistency and reliability across all platform deployments.
Foster a culture of continuous learning and experimentation by providing ongoing training opportunities encouraging cross-training and hands-on practice and creating safe environments (such as hackathons and labs) for the team to build skills and confidence with both existing and emerging technologies.

Platform Reliability Operations & Maintenance
Establish and continuously refine robust monitoring alerting and self-healing capabilities for all log analytics and SIEM platforms to ensure high availability and performance.
Build a service delivery process framework that includes access management asset management incident management problem management vendor and service provider management.
Develop implement and maintain robust incident management processes (supported by clear well-maintained runbooks and process procedures) to ensure high availability integrity and consistent handling of operational events across GSOC log collection and SIEM solutions.
Define monitor and report on key service metrics and security KPIs (such as latency uptime MTTR and MTBF) to identify trends guide operational priorities and drive continuous improvement through reliability engineering practices.
Drive continuous improvement of service health using post-incident reviews blameless retrospectives and root cause analyses to prevent recurrence.
Collaborate with internal infrastructure providers and third-party vendors to establish effective operating models roles and service expectations via RACI and SLA frameworks.

Team Leadership & Talent Development
Build and lead a cross-functional engineering team with strong expertise in cloud operations SIEM and application reliability.
Drive agile work management practices using tools such as JIRA to track work capacity and delivery velocity enabling data-driven planning and prioritization.
Align team goals and individual development plans with GSOCs strategic security objectives emphasizing innovation ownership and continuous growth.
Foster a collaborative and psychologically safe team environment that encourages experimentation open feedback and professional accountability.
Address performance gaps constructively using coaching continuous feedback and performance improvement plans when necessary.

Collaboration and Continuous Improvement
Build strong collaborative relationships with GSOC teams IT infrastructure providers engineering teams and security stakeholders to ensure alignment on priorities and outcomes.
Promote a DevSecOps mindset and work collaboratively with team members to embed security and reliability into every stage of the system lifecycle.
Seek out opportunities to optimize operational efficiency and effectiveness through automation AI/ML-driven analytics and process reengineering.
Lead continuous service improvement initiatives applying lessons learned from incidents metrics and stakeholder feedback to increase platform resilience and user satisfaction.

Required qualifications to be successful in this role:

To thrive in this role you should bring a strong passion for cybersecurity and a problem-solving mindset fueled by critical thinking and curiosity. You have a deep understanding of enterprise IT infrastructure application operations and the challenges involved in integrating complex data-driven systems. Youre not just technically skilled youre also a people leader who knows how to inspire and elevate a team helping individuals unlock their full potential. As a creative self-motivated engineering professional you take initiative apply sound judgment and consistently deliver results while doing whats right. If youre driven by purpose innovation and impact this role offers the opportunity to lead meaningful change.

Experience
The candidate should have IT/security expertise and 5 to 10 years of experience in at least two (2) of the following areas:
Proven experience in managing or architecting/supporting enterprise-grade platforms in hybrid (on-prem cloud) environments.
Deep hands-on knowledge of log analytics log normalization/parsing data pipeline architecture and integration with security tooling.
Strong background in cloud infrastructure operations (AWS Azure GCP) and securing cloud-native applications.
Demonstrated experience applying SRE principles: service monitoring SLO/SLI development error budgets capacity planning and automated recovery.

Education and Certifications
Degree in Systems/Software Engineering IT Cybersecurity or technology-related fields a major plus.
Relevant certifications are highly desirable:
Security: CISSP GCIA GCIH or GIAC Security Operations certifications.
Cloud: AWS Certified Solutions Architect Azure Administrator/Architect or Google Cloud certifications.
SRE/DevOps: Certified Kubernetes Administrator (CKA) Google SRE certificate or DevOps Foundation/Engineer certifications.
SIEM/SOAR: Vendor-specific certifications (e.g. Splunk Elastic QRadar Sentinel Palo Alto Cortex XSOAR).

Technical Skills
SIEM - Splunk Microsoft Sentinel Qradar Elasticsearch.
Log collection - Cribl Datadog Calyptia Snare syslog.
Automation Gitlab Ansible & familiarity with infrastructure-as-code (Terraform CloudFormation) and CI/CD pipelines (GitLab Jenkins Azure DevOps).
Cloud solutions - Azure AWS GCP.
Proficiency in one or more scripting or automation languages (Python PowerShell Bash etc.).
Strong understanding of security architecture access controls threat modeling and incident response frameworks.

Leadership & Soft Skills
Excellent leadership and team-building skills with the ability to lead high-performing cross-functional technical teams.
Demonstrated ability to manage and prioritize multiple complex initiatives & global delivery of services in a fast-paced agile environment.
Strong communication and stakeholder engagement skills with the ability to convey technical concepts to both technical and non-technical audiences.
Passion for innovation and continuous improvement with a growth mindset and a commitment to learning and coaching.
Communication (Verbal/Written) (English and French a major plus).

#LI-KM1

Skills:

• English
• Security Administration
• Security Infrastructure Supprt
• Security Operations Center
• Splunk
• CompTIA Cyber Security Prof
• CompTIA Security
• Elastic Certified Engineer
• IT Security
• IT Service Management
• Public Cloud Security

What you can expect from us:

Together as owners lets turn meaningful insights into action.

Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because

You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.

Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.

Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

At CGI we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process please let us know. We will be happy to assist.

Come join our teamone of the largest IT and business consulting services firms in the world.