Cloud Security Support Specialist- Cloud Work Protection Platform (CWPP)

at  CGI

The Global Security (GS) organization of which the Global Security Operation Center (GSOC) is part, is responsible for the protection and defense of CGI members, assets and data using logging, monitoring, SIEM/SOAR, endpoint security and other advanced on-prem and cloud technologies. As a member of the GSOC team, the Cloud Security Support Specialist will be responsible for daily operations, support, maintenance and monitoring of cloud-based security solutions

Education and Certifications

• Degree or equivalent experience in Information Technology, Cybersecurity, Systems/Software Engineering is required.
• Relevant Cloud Certifications from Cloud major providers (AWS. GCP, Azure) are highly desirable exampl

Experience / Expertise

• Cloud Infrastructure Support
• Cloud Security
• Microsoft Azure Sentinel Administration
• Security Application Support
• Security Infrastructure Support
• Information Technology, DevOps, SecDevOp

Cloud Security Application Support Experience:

• Administering cloud platforms (e.g. Azure, GCP, AWS).
• Kubernetes Administration
• Antivirus Solution (e.g. CrowdStrike, MS Defender)
• Understanding of enterprise scale cloud subscriptions
• Understanding of hybrid cloud environments
• Automated infrastructure provisioning (e.g. Ansible, Puppet, Chef, Salt, Jenkins)
• Identity and access management in cloud environments (e.g.: Azure Active Directory

Skills:

• Scripting (bash shell scripting, python, etc.)
• API development (postman, swagger)
• Common data formats such as JSON, YAML, XML, Markdown
• Strong understanding of Linux based operating systems
• Atlassian JIRA/Confluence, Remedy ITSM, ServiceNow.
• Security operations, ITIL 3/4
• Communication (Oral/Written) (English and French a major plus

YOUR FUTURE DUTIES AND RESPONSIBILITIES

The Cloud Support Specialist is responsible for any or all the following activities:

Security Technology Evolution

• Provide technical expertise and counsel to Project teams when planning major modifications to existing or migrations to new security systems and services.
• Ensure all operational impacts are accounted for during complex technology transformations and migrations and all risks are mitigated.

Operations and Maintenance

• SME for our Cloud Workload Protection platform working together with other GSOC teams to make sure our cloud assets are onboarded, secured and monitored.
• Familiarize with security application system requirements and work with service providers, Solution SMEs and cloud admins to meet application requirements.
• Ensure that all cloud hosted virtual machines, containers and cluster are monitored and configured properly under our Cloud Workload Protection platform.
• Help us develop onboarding scrips (bash, python, API) to automate deployments to cloud workload protection platform.
• Assist with vulnerability scanning, detection, response, threat hunting and investigation related to our cloud assets.
• Assist with generating compliance and inventory reports (Servers, Cloud Assets, Accounts, Container registries, Kubernetes Clusters) from our Cloud Workload Protection platform.
• Install, configure & maintain the cloud-based security applications using documentation and assistance from vendors support as required.
• Document all custom configurations not covered by vendor documentation.
• Ensure all planned changes are managed using Change Management best practices.
• Ensure compliance with CGI Global Security standards.

Monitoring, Incident Reporting

• Monitoring events and detections and act on findings across all workloads on Azure, AWS and GCP including Kubernetes platform and work with cloud/Kubernetes admins to resolve issues.
• Monitor the cloud-based security platform for indicators of misconfiguration (IOMs)

Troubleshooting and Incident Resolution

• When cloud-based security solution incidents are reported, troubleshoot and determine root cause and required corrective action in a timely manner.
• When required, work with cloud/Kubernetes/application SMEs and CGI internal and external service providers to resolve Incidents.
• Ensure lessons learned through root cause analysis and troubleshooting are documented.

Collaboration and Continuous Improvement

• Continuously look for opportunities to share knowledge with teammates using oral and written communication skills.
• Help project teams achieve their cost, schedule and quality goals by completing tasks on time and with quality

REQUIRED QUALIFICATIONS TO BE SUCCESSFUL IN THIS ROLE

The candidate should be passionate about cybersecurity, love to solve technical challenges and be on the bleeding edge of technology. This member should also be able to demonstrate a thorough understanding of infrastructure operations and in-depth knowledge and experience around cloud provider solutions (Azure, AWS, GCP) and asset types like virtual machines, clusters (Kubernetes AKS, Amazon EKS, GKE Standard, GKE Autopilot) and registry (ACR, ECR, GAR, GCR). If you are a creative self-starter who uses their knowledge, skills and experience to get things done, then this job is for you!

Education and Certifications

• Degree or equivalent experience in Information Technology, Cybersecurity, Systems/Software Engineering is required.
• Relevant Cloud Certifications from Cloud major providers (AWS. GCP, Azure) are highly desirable example

o AZ-500: Microsoft Azure Security Technologies
o SC-200: Microsoft Security Operations Analyst
o SC-900: Microsoft Security, Compliance, and Identity Fundamentals
The ideal candidate should have expertise and strong experience (5+ years) with some of the following areas (but not limited).

Experience / Expertise

• Cloud Infrastructure Support
• Cloud Security
• Microsoft Azure Sentinel Administration
• Security Application Support
• Security Infrastructure Support
• Information Technology, DevOps, SecDevOps

Cloud Security Application Support Experience:

• Administering cloud platforms (e.g. Azure, GCP, AWS).
• Kubernetes Administration
• Antivirus Solution (e.g. CrowdStrike, MS Defender)
• Understanding of enterprise scale cloud subscriptions
• Understanding of hybrid cloud environments
• Automated infrastructure provisioning (e.g. Ansible, Puppet, Chef, Salt, Jenkins)
• Identity and access management in cloud environments (e.g.: Azure Active Directory)

Skills:

• Scripting (bash shell scripting, python, etc.)
• API development (postman, swagger)
• Common data formats such as JSON, YAML, XML, Markdown
• Strong understanding of Linux based operating systems
• Atlassian JIRA/Confluence, Remedy ITSM, ServiceNow.
• Security operations, ITIL 3/4
• Communication (Oral/Written) (English and French a major plus)