Senior Security Platform & Detection Specialist – Microsoft Sentinel & E5
About the role
Work Mode: Hybrid, 4 days/week on-site
DESCRIPTION
In today’s environment marked by increasing cybersecurity threats, malicious actors operate with clear objectives and increasingly sophisticated techniques. As the frequency and complexity of attacks rise, organizations must continuously evolve their security platforms, detection capabilities, and response mechanisms.
To meet this challenge, security platform engineering and detection engineering capabilities are being strengthened, with a strong focus on the Microsoft security ecosystem (E5) and Microsoft Sentinel. This role is essential to ensure that security controls are designed, maintained, optimized, and continuously improved to effectively detect, prevent, and respond to advanced threats.
ABOUT THE ROLE
Reporting to the Senior Director, Information Security, the consultant plays a technical role at the intersection of security platform engineering and detection engineering. They are responsible for designing, implementing, and optimizing Microsoft security capabilities.
Key responsibilities include:
Owning the evolution of security controls within the Microsoft E5 suite, including:
Microsoft Sentinel (SIEM)
Microsoft Defender for Endpoint, Identity, Office 365, and Cloud Apps
Microsoft Purview (DLP, information protection)
Entra ID security controls
Designing, implementing, and continuously improving detection use cases in Microsoft Sentinel using KQL, analytics rules, dashboards (workbooks), and automation
Reviewing threat intelligence, adversary tactics and techniques, and emerging attack methods to develop high-fidelity detections aligned with the MITRE ATT&CK framework
Collaborating closely with SOC, Cloud, Infrastructure, and Applications teams to align detection and response capabilities with platform roadmaps
Producing clear technical documentation, dashboards, and reports to communicate risks, coverage, and operational effectiveness to technical and non-technical audiences
Your future duties and responsibilities
REQUIRED PROFILE
Strong expertise in security monitoring, detection engineering, and security platform engineering
Deep experience with Microsoft security technologies, particularly in an E5-licensed environment
Hands-on experience designing and maintaining SIEM/SOAR solutions, with a strong focus on Microsoft Sentinel
Advanced knowledge in creating and optimizing SIEM analytics rules, detection logic, and signatures, as well as automation and response playbooks
Good understanding of the cyber threat lifecycle, attacker TTPs, and the MITRE ATT&CK framework and its application to detection engineering
Solid experience with modern operating systems (Windows, Linux, macOS)
Advanced understanding of networking fundamentals, protocols, and security controls
Experience analyzing alerts from EDR/XDR, SIEM, and cloud security platforms, with the ability to recommend practical remediation strategies
Strong scripting and query skills, particularly in KQL
Deep technical expertise in detection engineering and infrastructure or cloud security engineering
Hands-on experience applying Infrastructure as Code principles using Azure DevOps, Git, and Azure Pipelines—particularly for managing security platform configurations, detection rules, and automation flows as code—is an asset
Security certifications (e.g., GCIA, GCIH, GCED, CISSP, CASP, Microsoft security certifications) are considered an asset
Required qualifications to be successful in this role
REQUIREMENTS
Bachelor’s degree in a technical field (computer science, computer engineering, or equivalent)
Minimum of 7 years of IT experience
Minimum of 5 years of cybersecurity experience
Experience in cloud security and with Microsoft security platforms
Excellent communication skills, with the ability to translate technical findings into risk discussions relevant to the business
Strong collaboration skills and ability to work with teams of varying technical maturity
Ability to work effectively under pressure in a dynamic environment
Excellent documentation, reporting, and dashboarding skills
Demonstrated ability to make practical, actionable, and risk-aligned recommendations.
CGI provides a reasonable estimate of the salary range for this position. The calculation of this range depends on various factors, including skill level, geographic market, experience, education, as well as professional licenses and certifications. Compensation decisions are determined based on the specifics of each case. A reasonable estimate of this salary range is between $70,000 and $120,000. This position is currently open.
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
At CGI, we value the strength that diversity brings and are committed to fostering a workplace where everyone belongs. We collaborate with our clients to build more inclusive communities and empower all CGI partners to thrive. As an equal-opportunity employer, being able to perform your best during the recruitment process is important to us. If you require an accommodation, please inform your recruiter.
To learn more about accessibility at CGI, contact us via email. Please note that this email is strictly for accessibility requests and cannot be used for application status inquiries.
Come join our team—one of the largest IT and business consulting services firms in the world.
Not the right fit? Search for Security Platform & Detection Specialist jobs in Montréal, QC
About CGI
Insights you can act on to achieve trusted outcomes.
We are insights-driven and outcomes-focused to help accelerate returns on your investments. Across 21 industry sectors and 400 locations worldwide, we provide comprehensive, scalable and sustainable IT and business consulting services that are informed globally and delivered locally.