Elasticsearch Support Engineer

Category: Architecture
Main location: Canada, Canada
Position ID: J0622-0808
Employment Type: Full Time

Position Description:

The Global Security (GS) organization, of which the Global Security Operation Center (GSOC) is part, is responsible for the protection and defense of CGI members, assets and data using logging, monitoring, SIEM/SOAR, endpoint security and other advanced technologies.

As a member of the GSOC team, the Elasticsearch Support Engineer will be responsible for daily operations, maintenance and monitoring of the Elastic stack & our logging solutions.

Together with CGI internal colleagues & service providers responsible for providing on-prem and cloud hardware and network infrastructure, the Elasticsearch Support Engineer will ensure the availability and performance of the Elastic stack.

Your future duties and responsibilities:

The Elasticsearch Support Engineer is responsible for any or all of the following activities:
Operations and Maintenance
•Work with project teams and Subject Matter Experts (SMEs) to onboard new log source technologies on an as-required basis.
•Become familiar with security application system requirements and work with service providers and application SMEs to meet application requirements.
•Install, configure & maintain the Elastic stack using documentation and assistance from vendor support as required.
•Customize and maintain application configuration files and settings to achieve functional objectives defined by the GS organization and industry best-practice.
•Document all custom configurations not covered by vendor documentation.
•Ensure all planned changes are managed using Change Management best practices.
•Help to ensure OS and application upgrades and patches are completed in a timely manner.
•Ensure compliance with CGI Global Security standards.

Monitoring, Incident Reporting
•Define, implement & monitor operational and performance objectives for the Elastic stack (e.g. Mean Time Between Failure, Mean Time to Recover, Availability, Disk space usage, CPU usage.)
•Monitor the Elastic stack for availability, performance and usage using monitoring tools.
•When the Elastic stack falls below operational and performance objectives, report Incidents using the appropriate method & work towards problem resolution.

Troubleshooting and Incident Resolution
•When Elastic stack Incidents are reported, troubleshoot and determine root cause and required corrective action in a timely manner.
•When required, work with application SMEs and CGI internal and external service providers to resolve Incidents.
•Ensure lessons learned through root cause analysis and troubleshooting are documented.

Collaboration and Continuous Improvement
•Continuously look for opportunities to share knowledge with teammates using oral and written communication skills.
•Help project teams achieve their cost, schedule and quality goals by completing tasks on time and with quality.

Required qualifications to be successful in this role:

The candidate should be passionate about security, love to solve technical challenges and like to learn new modern solutions. This member should also be able to demonstrate a thorough understanding of enterprise security architecture and in-depth knowledge and experience around log management, log monitoring and SIEM solutions.

Experience / Expertise
The candidate should have expertise and strong experience (3+ years) in at least two (3) of the following areas:
•SIEM Analyst, Administrator & Architecture.
•Security Solutions Architect.
•Security Infrastructure Support.
•IT and/or Security Innovation and automation.
•Security technical lead.
•IT security application design, support & deployment.
•Experience producing design and system architecture documentation.

Education and Certifications
•Degree in IT Security, Engineering or Technology related fields a major plus.
•Elasticsearch Engineer certification is highly desirable.

Technologies
•SIEM Solutions (e.g. Elastic, Splunk, ArcSight, QRadar).
•Log collection solutions (e.g. syslog, rsyslog, syslog-ng, winlogbeats).
•ELK stack (e.g. Elasticsearch, Kibana, Logstash, filebeat, packet).
•System monitoring (e.g. Zabbix, Spiceworks, Nagios).
•Infrastructure automation/devOps solutions (e.g. Ansible, puppet, chef, salt, etc.).

Skills:
•Strong understanding of Linux operating system.
•Troubleshooting and resolving application-layer issues and errors.
•Understanding of scripting (e.g. bash shell scripting, python).
•Communication (Oral/Written) (English and French a major plus).

What you can expect from us:

Insights you can act on

While technology is at the heart of our clients’ digital transformation, we understand that people are at the heart of business success.

When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees "members" because they are CGI shareholders and owners who enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today — one of the world’s largest independent providers of IT and business consulting services.

At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.

Ready to become part of our success story? Join CGI — where your ideas and actions make a difference.