Questrade Financial Group is seeking a Principal SIEM Engineer to join its team. The successful candidate will be responsible for designing, deploying, and maintaining the company's SIEM platform and Kafka-based log streaming infrastructure. The role involves working with internal customers and vendor support teams to ensure that security tools are used in accordance with corporate policies and growing business needs.
Requirements
- 5+ years of relevant experience in SIEM platform engineering, Elastic Stack administration, and data pipeline architecture in an enterprise environment
- Experience with deployment and management of security solutions (EDR, SOAR, WAF, email gateway and more)
- Extensive experience designing, deploying, and maintaining production Elasticsearch/OpenSearch clusters at scale
- Deep expertise with Elastic Security, Kibana, Logstash, Beats, and Elastic Agent for security monitoring and log management
- Proven experience designing and operating Apache Kafka infrastructure (brokers, ZooKeeper/KRaft, Connect) for high-throughput log streaming
- Experience with NXLog deployment, configuration, and management for enterprise log collection
- Proven track record of designing and implementing data pipeline architectures with focus on reliability, scalability, and minimal data loss
- Strong Linux systems administration skills and experience managing infrastructure in production environments
- Proficiency in scripting languages (Python, Bash) for automation, tooling development, and infrastructure-as-code
- Deep understanding of index lifecycle management, data retention strategies, and storage optimization for large-scale SIEM deployments
- Experience with CI/CD pipelines (GitLab) for detection-as-code and infrastructure automation
- Demonstrated experience mentoring and developing engineering skills across a platform or infrastructure team
- Strong ability to communicate platform architecture decisions and capacity planning to technical and non-technical stakeholders
- Experience with cloud-native infrastructure and container orchestration (GCP, AWS, Docker, Kubernetes)
Benefits
- Health & wellbeing resources and programs
- Paid vacation, personal, and sick days for work-life balance
- Competitive compensation and benefits packages
- Career growth and development opportunities
- Opportunities to contribute to community causes
- Work with diverse team members in an inclusive and collaborative environment