Security Technology Operations Manager

The Global Security Operation Center (GSOC) organization is responsible for security monitoring, perimeter defense, endpoint protection, detection and response based on continuous real-time threat insights and robust technology platforms.

As GSOC Security Technology Operations Manager-Log Analytics & Cloud Support, you and your team of dedicated security application support specialists are responsible for building, operating, maintaining and monitoring on-prem and cloud-based SIEM/SOAR solutions and integrating them with many other new and existing IT and security solutions. Together with CGI internal service providers responsible for providing on-prem and cloud hardware and network infrastructure, you will ensure the availability and functional performance of all GSOC technology platforms.

The GSOC Security Technology Operation Manager is responsible for delivery, support and evolution of Security Log Analytics & Cloud solutions as follows:
Security Technology Evolution

•Provide thought leadership and input to key vendor/solution evaluations, technical and functional requirements, architectures, designs, business cases and technical project planning deliverables.
•Provide technical expertise and counsel to Project teams when planning major modifications to existing or migrations to new security systems and services.
•Lead the Team in transforming technical and functional and operational requirements into working production systems, ensuring operational readiness by fully documenting critical and standard operating procedures related to security application build, installation/configuration, RBAC and access control, monitoring, incident response.
•Ensure all operational impacts are accounted for during complex technology transformations and migrations and all risks are mitigated.
•Help the Team acquire the knowledge and skills required to operate and maintain existing and new technologies by providing continuous training opportunities and safe environments in which to practice.

Operations and Maintenance
•Implement 3rd-party vendor and internal service provider operations models and RACI charts to ensure timely resolution of issues and incidents once a system goes live.
•Build a service delivery process framework that includes access management, asset management, incident management, problem management, vendor and service provider management.
•Define, report on and monitor security service Key Performance Indicators (KPIs) for trends requiring attention and operational improvement.
•Implement robust application incident response processes to ensure high availability and integrity of all GSOC technology platforms.
•Implement release management and change management practices that introduce new features and fixes in a systematic way that minimizes the risk of service interruption or degradation.
•Continuously review operational procedures on a regular basis to ensure they are up to date and readily available to all team members who must follow them.

Team Management
•Recruit highly skilled and experienced resources needed to complete deliverables and deliver security services on time and with quality.
•Align business objectives with team and member objectives ensuring they are both measurable and achievable.
•Apply rigor and discipline to work and time tracking using JIRA and other tools as input to staffing allocation and resource management.
•Coach and mentor team members to help them work together to achieve project, Team and individual goals.
•Manage non-compliance and non-performance of team members using performance improvement plans and practices.

Collaboration and Continuous Improvement
•Develop strong working relationships with internal and external stakeholders and collaborators.
•Continuously look for opportunities to improve our overall security posture and operational readiness using industry best practice and tooling.
Apply lessons learned to daily operations to continuously improve service quality and overall value to the GSOC organization.

The candidate should be passionate about cybersecurity, love to apply critical thinking skills to solve complex technical and other challenges. They should be able to demonstrate a thorough understanding of enterprise IT infrastructure and application operations and the complexities that come with integrating data-driven systems and processes. The candidate should have experience leading and motivating a team to discover super-powers they never knew they had. If you are a creative self-starter who uses their knowledge, skills and experience to do what’s right and get things done, then this job is for you!
Experience

The candidate should have IT/security expertise and 8 to 10+ years of experience in at least two (2) of the following areas:
•Enterprise IT architecture and design for large geographically dispersed organizations.
•Enterprise application administration for user bases of 250 employees or more.
•Security Information and Event Management (SIEM) set up, operations, maintenance.
•Security Orchestration Automation and Response (SOAR) set up, operations, maintenance.
•Technical team leadership.
•Technical project management.
•Delivery of 1 or more enterprise service e.g. Help Desk, Server/desktop provisioning, MS Exchange/email, CRM, CMS.

Education and Certifications
•Degree in IT, Cybersecurity, Engineering or technology-related fields a major plus.
•Relevant certifications are highly desirable.
Technologies
•SIEM e.g. ArcSight, Qradar, Elasticsearch, Splunk, MS Sentinel.
•Log collection e.g. Cribl, Datadog, Calyptia, Snare.
•Security compliance e.g. Tanium, Crowdstrike EDR.
•Vulnerability management e.g. Tenable, Rapid7.
•SOAR e.g. Phantom, Trellix ePolicy Orchestrator (ePO).
•Automation e.g. Ansible, Jenkins.
•Cloud e.g. Azure, AWS, GCP.

Skills:
•Communication (Verbal/Written) (English and French a major plus).
•Team building.
•Resource management.
•Collaboration.
•Conflict resolution.
•Project management.
•Global delivery of services.
•Cost control and budget management (finance).

#LI-KM1

Together, as owners, let’s turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.

Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.

Come join our team-one of the largest IT and business consulting services firms in the world.