Description

Position Description:

This role is hybrid and requires you to be at our downtown Toronto and/or Client office at a minimum 1 day per week – subject to change at any time.

Your future duties and responsibilities:

We are seeking a Hybrid Cloud Security Engineer to secure our multi-tenant SaaS platform by overseeing both modern cloud environments and mission-critical on-premises infrastructure. This role is essential in ensuring our security posture spans internal data centers, legacy systems, and cloud-native services.
As a key member of the security engineering team, you’ll architect, implement, and continuously improve scalable, secure, and compliant systems that support our product delivery across both platforms.

________________________________________
Key Responsibilities
🔐 Security Architecture & Engineering (Hybrid)
• Design secure infrastructure blueprints for our GCP Cloud environments and internal data centers.
• Define controls for secure connectivity, such as VPNs, site-to-site tunnels and interconnect.
• Develop and maintain security baselines for compute, storage, and networking across platforms, including cloud managed services.
• Define and implement (using Terraform) cloud networks required to support products deployments on cloud (GCP)
🧱 On-Premises Infrastructure Security
• Perform regular reviews of the firewall rules implemented in our on premise environments.
• Provide security SME expertise to our product development teams.
🔒 Cloud Security & SaaS Platform Protection
• Partner with SRE and DevOps to secure CI/CD pipelines, container registries, and IaC workflows.
• Apply Zero Trust principles and secure multi-tenant boundaries in the SaaS environment.
🔍 Threat Detection, Monitoring & Response
• Integrate cloud and on-prem telemetry into centralized SIEM systems (e.g., Splunk, Sentinel).
• Conduct incident investigations across hybrid environments and coordinate remediation efforts.
• Develop automated alerting and response playbooks.
🧩 Governance, Risk & Compliance (GRC)
• Ensure the cloud engineering and product teams Implement controls and monitoring required for SOC 2, ISO 27001, HIPAA, or industry-specific frameworks.
• Automate evidence collection and reporting using security tooling and configuration management.
🧰 Security Automation & Tooling
• Use Terraform, Ansible, and other IaC tools to standardize secure configurations.
• Work with Corporate teams that operate and manage tooling like CSPM, DLP, WAFs, vulnerability scanners, and endpoint agents.
• Extend security practices to legacy applications that cannot be cloud-migrated.

Required qualifications to be successful in this role:

Required Qualifications
• Bachelor’s degree in Computer Science, Cybersecurity, or related discipline—or equivalent experience.
• 8+ years in security engineering roles, including 2+ years working in hybrid (cloud + on-prem) environments.
• Expertise with:
o AWS, Azure, or GCP security services.
o Virtualization (e.g., VMware ESXi), endpoint protection, and firewall configuration.
o Identity management (AD, Azure AD, Okta), IAM/RBAC, and secrets management.
o Network security, VPNs, and perimeter defense.
o Understanding of Firewall rules, both on prem and in cloud environments
________________________________________
Preferred Experience
• Security certifications: CISSP, CISM, GIAC, CCSP.
• Familiarity with Zero Trust Architecture and secure SaaS multi-tenancy models.
• Experience with infrastructure security automation and CI/CD pipeline hardening.
• Tools: Terraform, Cisco Network Firewalls, GCP Firewalls.
________________________________________
Soft Skills
• Excellent communication and collaboration skills across engineering, DevOps, and compliance.
• Ability to manage competing priorities in a fast-paced SaaS organization.
• Strong analytical mindset, attention to detail, and a continuous improvement attitude.
________________________________________
Why Join Us?
• Influence the security architecture of a global SaaS platform undergoing cloud transformation.
• Work with cutting-edge technologies while solving real-world infrastructure challenges.
• Join a security-forward team embedded in the product lifecycle.
• Competitive compensation, career development, and flexible working options.
#LI-AV1

Skills:

  • Compliance Management
  • Cyb.Sec.Eng. (Sensor /Device)
  • Financial Services
  • Firewalls
  • Infrastructure architecture
  • Requirements Analysis
  • Requirements Engineering
  • Security Architecture
  • Security Assessment
  • Security Infrastr Service Ctr
  • VPN (Virtual Private Network)
  • Google Cloud Platform

What you can expect from us:

Together, as owners, let’s turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.

Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

At CGI, we value the strength that diversity brings and are committed to fostering a workplace where everyone belongs. We collaborate with our clients to build more inclusive communities and empower all CGI partners to thrive. As an equal-opportunity employer, being able to perform your best during the recruitment process is important to us. If you require an accommodation, please inform your recruiter.

To learn more about accessibility at CGI, contact us via email. Please note that this email is strictly for accessibility requests and cannot be used for application status inquiries.

Come join our team—one of the largest IT and business consulting services firms in the world.

Share on LinkedInShare on FacebookTweet about this on Twitter