Security Application Support Analyst (SIEM, ElasticSearch)

CGI Group, Inc. - Ottawa, ON (30+ days ago)

Apply Now

Position Description:
As a Senior Consultant part of that Global Security Operation Center team, the Security Application Support Analyst is a team member responsible for supporting & enhancing the security events and logs handling solutions used by our SOC. This person is working with other security technical experts in charge of supporting key operational systems.

Your future duties and responsibilities:
The Security Application Support Analyst (SIEM & Elastic) is responsible for the following activities related to the Security Infrastructure operations:

Security Logging & Event Monitoring solutions support

  • Responsible for the overall functioning of the security events, log handling and big data solutions including its related components
  • Support log management defining log source, defining formatting, parsing, indexing, tuning to retain only required events, and developing reporting views
  • Work with internal service providers to ensure proper functioning of the infrastructure where the applications are installed
  • Participate within new log sources onboarding project to ensure proper integration and content parsing
Security Logging & Event Monitoring solutions Evolution

  • Participate in the evolution of the solutions
  • Participate in roadmap, long-term evolution & product evaluation
  • Share with team members best practices and improvements for SIEM, Log collectors & Elasticsearch clusters
IT Innovation & efficiency

  • Maintain knowledge & implement technologies related to IT/security management, Automation, DevOps
Required qualifications to be successful in this role:
The candidate should be passionate about security, love to solve technical challenges and like to learn new modern solutions. This member should also be able to demonstrate a thorough understanding of infrastructure operations and in-depth knowledge and experience around log management, log monitoring and SIEM solutions.


The candidate should have expertise and strong experience (5+ years) in at least two (2) of the following areas:

  • SIEM Analyst, Administrators
  • Security Solutions Support
  • Security Infrastructure Support
  • IT and/or Security Innovation and automation
Education and Certifications

  • Degree in IT Security, Engineering or Technology related fields a major plus
  • Relevant certifications are highly desirables
Security Application Support Experience:
  • Experience in supporting SIEM Solutions (i.e: ArcSight, Qradar, Logpoint, Logrythm, Splunk)
  • Experience in supporting Log collection solutions (syslog, rsyslog, syslog-ng,)
  • Experience in supporting Elastic solutions, Elasticsearch, Kibana, Logstash, filebeat, packet
  • Experience is using infrastructure automation solutions (Ansible, puppet, chef, salt, etc.)
  • Strong understanding of Linux operating system
  • Understanding of scripting (bash shell scripting, python, etc.)
  • Communication (Oral/Written) (English and French a major plus)
What you can expect from us:
Build your career with us.

It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this changeā€”supporting our clients' digital journeys and offering our professionals exciting career opportunities.

At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.

Be part of building one of the largest independent technology and business services firms in the world.

Learn more about CGI at

No unsolicited agency referrals please.