Manager, Global SOC Log Analytics & Cloud Support at CGI
Ottawa, ON K1J 9B9, Canada
Full Time


Start Date

Immediate

Expiry Date

19 Oct, 25

Salary

0.0

Posted On

20 Jul, 25

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cloud, English, IT, Enterprise, AWS, Azure, Elasticsearch, French, Global Delivery, Python, PowerShell, Bash, Capacity Planning, Continuous Improvement, Learning, Agile Environment, IT Infrastructure, Leadership, Soft Skills, GCIA, Syslog, CISSP, Ansible, Threat Modeling, QRadar

Industry

Information Technology/IT

Description

The CGI Global Security Operations Center (GSOC) is responsible for security monitoring, threat detection, and incident response. Leveraging continuous real-time threat intelligence and advanced technology platforms, the GSOC works to proactively safeguard CGI and its clients against evolving cyber threats.
As the GSOC Log Analytics & Cloud Support Manager within the CGI Global Security Operations Center (GSOC), you will lead a team of dedicated security application support experts responsible for the engineering, delivery, operation, and ongoing support of both on-premises and cloud-based security platforms. Your team will manage the integration of these platforms with a wide range of existing and emerging IT and security solutions. In collaboration with CGI’s internal infrastructure service providers, you will ensure the continuous availability, performance, and scalability of GSOC’s core security technology platforms.
This role is critical to enabling other teams to be effective with threat detection, incident response, and overall security operations across the enterprise.

The candidate should have IT/security expertise and 5 to 10+ years of experience in at least two (2) of the following areas:

  • Proven experience in managing or architecting/supporting enterprise-grade platforms in hybrid (on-prem + cloud) environments.
  • Deep hands-on knowledge of log analytics, log normalization/parsing, data pipeline architecture, and integration with security tooling.
  • Strong background in cloud infrastructure operations (AWS, Azure, GCP) and securing cloud-native applications.
  • Demonstrated experience applying SRE principles: service monitoring, SLO/SLI development, error budgets, capacity planning, and automated recovery.

Education and Certifications

  • Degree in Systems/Software Engineering, IT, Cybersecurity or technology-related fields a major plus.
  • Relevant certifications are highly desirable:
      • Security: CISSP, GCIA, GCIH, or GIAC Security Operations certifications.
      • Cloud: AWS Certified Solutions Architect, Azure Administrator/Architect, or Google Cloud certifications.
      • SRE/DevOps: Certified Kubernetes Administrator (CKA), Google SRE certificate, or DevOps Foundation/Engineer certifications.
      • SIEM/SOAR: Vendor-specific certifications (e.g., Splunk, Elastic, QRadar, Sentinel, Palo Alto Cortex XSOAR).

Technical Skills

  • SIEM - Splunk, Microsoft Sentinel, QRadar, Elasticsearch.
  • Log collection - Cribl, Datadog, Calyptia, Snare, syslog.
  • Automation - GitLab, Ansible & familiarity with infrastructure-as-code (Terraform, CloudFormation) and CI/CD pipelines (GitLab, Jenkins, Azure DevOps).
  • Cloud solutions - Azure, AWS, GCP.
  • Proficiency in one or more scripting or automation languages (Python, PowerShell, Bash, etc.).
  • Strong understanding of security architecture, access controls, threat modeling, and incident response frameworks.

Leadership & Soft Skills

  • Excellent leadership and team-building skills, with the ability to lead high-performing, cross-functional technical teams.
  • Demonstrated ability to manage and prioritize multiple complex initiatives & global delivery of services in a fast-paced, agile environment.
  • Strong communication and stakeholder engagement skills, with the ability to convey technical concepts to both technical and non-technical audiences.
  • Passion for innovation and continuous improvement, with a growth mindset and a commitment to learning and coaching.
  • Communication (Verbal/Written) (English and French a major plus).

Responsibilities

YOUR FUTURE DUTIES AND RESPONSIBILITIES

The GSOC Log Analytics & Cloud Support Manager is responsible for delivery, support and evolution of Security Log Analytics & Cloud solutions as follows:

Security Technology Engineering & Innovation

  • Provide strategic and technical leadership in the design, deployment, and evolution of GSOC’s on-prem and cloud-based SIEM and log analytics platforms.
  • Provide thought leadership in the evaluation of emerging technologies and vendor solutions by contributing to technical and functional requirements, architectures, designs, business cases, and project planning—driving innovation through prototyping, experimentation, and agile implementation cycles.
  • Translate security, operational, and business requirements into scalable, reliable, and secure platform designs, and lead the team in delivering production-ready systems (emphasizing automation, resilience, and observability) while ensuring full operational readiness through comprehensive documentation of build procedures, configurations, access controls, monitoring, and incident response processes.
  • Embed SRE principles into platform architecture and engineering, focusing on service-level indicators (SLIs), objectives (SLOs), and error budgets to guide platform improvements.
  • Champion modern engineering practices, including infrastructure as code (IaC), CI/CD pipelines, and automated testing, to drive speed, consistency, and reliability across all platform deployments.
  • Foster a culture of continuous learning and experimentation by providing ongoing training opportunities, encouraging cross-training and hands-on practice, and creating safe environments (such as hackathons and labs) for the team to build skills and confidence with both existing and emerging technologies.

Platform Reliability, Operations & Maintenance

  • Establish and continuously refine robust monitoring, alerting, and self-healing capabilities for all log analytics and SIEM platforms to ensure high availability and performance.
  • Build a service delivery process framework that includes access management, asset management, incident management, problem management, vendor and service provider management.
  • Develop, implement and maintain robust incident management processes (supported by clear, well-maintained runbooks, processes, and procedures) to ensure high availability, integrity, and consistent handling of operational events across GSOC log collection and SIEM solutions.
  • Define, monitor, and report on key service metrics and security KPIs (such as latency, uptime, MTTR, and MTBF) to identify trends, guide operational priorities, and drive continuous improvement through reliability engineering practices.
  • Drive continuous improvement of service health using post-incident reviews, blameless retrospectives, and root cause analyses to prevent recurrence.
  • Collaborate with internal infrastructure providers and third-party vendors to establish effective operating models, roles, and service expectations via RACI and SLA frameworks.

Team Leadership & Talent Development

  • Build and lead a cross-functional engineering team with strong expertise in cloud operations, SIEM, and application reliability.
  • Drive agile work management practices using tools such as JIRA to track work, capacity, and delivery velocity, enabling data-driven planning and prioritization.
  • Align team goals and individual development plans with GSOC’s strategic security objectives, emphasizing innovation, ownership, and continuous growth.
  • Foster a collaborative and psychologically safe team environment that encourages experimentation, open feedback, and professional accountability.
  • Address performance gaps constructively, using coaching, continuous feedback, and performance improvement plans when necessary.

Collaboration and Continuous Improvement

  • Build strong, collaborative relationships with GSOC teams, IT infrastructure providers, engineering teams, and security stakeholders to ensure alignment on priorities and outcomes.
  • Promote a DevSecOps mindset and work collaboratively with team members to embed security and reliability into every stage of the system lifecycle.
  • Seek out opportunities to optimize operational efficiency and effectiveness through automation, AI/ML-driven analytics, and process reengineering.
  • Lead continuous service improvement initiatives, applying lessons learned from incidents, metrics, and stakeholder feedback to increase platform resilience and user satisfaction.

REQUIRED QUALIFICATIONS TO BE SUCCESSFUL IN THIS ROLE

To thrive in this role, you should bring a strong passion for cybersecurity and a problem-solving mindset fueled by critical thinking and curiosity. You have a deep understanding of enterprise IT infrastructure, application operations, and the challenges involved in integrating complex, data-driven systems. You’re not just technically skilled, you’re also a people leader who knows how to inspire and elevate a team, helping individuals unlock their full potential. As a creative, self-motivated engineering professional, you take initiative, apply sound judgment, and consistently deliver results while doing what’s right. If you’re driven by purpose, innovation, and impact, this role offers the opportunity to lead meaningful change.
