Questrade Financial Group (QFG), through its companies (Questrade, Inc., Questrade Wealth Management Inc., Community Trust Company, Zolo, and Flexiti Financial Inc.), provides securities and foreign currency investment, professionally managed investment portfolios, mortgages, real estate services, financial services and more. Questrade uses cutting-edge technologies to develop innovative products that give customers better, more affordable ways to take control of their money.
We are everything a traditional financial institution is not. At QFG, you will be constantly moving forward, bringing the future of fintech into existence. You will be a part of a collaborative team that cares deeply about our mission and each other. Your team members will help you conquer challenges, push boundaries and discover what you are truly capable of.
At QFG, we have a culture of innovation where technology serves people—both our team and our customers. We see AI as a collaborative and transformative enabler, and we are seeking forward-thinking individuals who can effectively integrate it into their daily work. The ideal candidate will be a catalyst for change, helping us use AI to create a more efficient and rewarding employee experience while also developing cutting-edge solutions that delight and serve our customers. Join us in shaping a future where AI empowers our team to do their best work and helps us deliver unparalleled customer experiences.
This is a place where you can explore, discover and learn with continuous growth. In a diverse and inclusive workplace with a hybrid working environment, you can unleash your creativity and curiosity with no limits. If you share the same sense of infinite possibility, come shape your future at QFG.
What’s in it for you as an employee of QFG?
Health & wellbeing resources and programs
Paid vacation, personal, and sick days for work-life balance
Competitive compensation and benefits packages
Career growth and development opportunities
Opportunities to contribute to community causes
Work with diverse team members in an inclusive and collaborative environment
We’re looking for our next Principal SIEM Engineer. Could It Be You?
Your contribution delivering sustainable and measurable results in the following areas will be very important:
Owning the health, performance, and evolution of the Elastic SIEM platform and the Kafka-based log streaming infrastructure that feeds it. You will be primarily involved in designing and maintaining the data pipeline and SIEM infrastructure that makes security operations possible. This role also includes administration of security solutions such as EDR and its policies, sensor health, WAF policies, Email Gateway and more. This is a dedicated engineering role focused on building and scaling the SIEM platform and administration of SOC tools. You will be working alongside internal customers and our vendor support teams to ensure we are utilizing our security tools in accordance with corporate policies and growing business needs. You will work closely with Cybersecurity and IT teams to align priorities and execute plans for new initiatives, as well as drive platform improvements and establish documentation for new tools.
Need more details? Keep reading…
You will:
Design, deploy, and maintain security tools (SOAR, EDR, email gateway, WAF, and more).
Design, deploy, and maintain Elastic cluster architecture (data nodes, coordinating nodes, ingest pipelines).
Manage index lifecycle policies, data retention, hot/warm/cold tiering, and storage optimization.
Build and maintain ingest pipelines, parsers, and log source integrations.
Perform platform performance tuning: query optimization, shard strategy, and resource allocation.
Develop and maintain detection-as-code CI/CD pipelines for rule deployment.
Maintain Elastic Security dashboards, visualizations, and saved searches.
Coordinate with stakeholders on log source onboarding.
Design, deploy, and maintain the Kafka streaming infrastructure: topic architecture, partitioning strategy, consumer group management, and throughput optimization.
Monitor and maintain data pipeline reliability, ensuring end-to-end log delivery from source through Kafka to Elastic with minimal latency and data loss.
Manage Elastic upgrades, patches, and cluster health monitoring.
Architect and maintain NXLog deployment and configuration across the environment for log collection and forwarding.
Manage capacity planning and infrastructure scaling for the Elastic cluster and Kafka environment.
Drive automation of routine platform operations through scripting (Python, Bash) and infrastructure-as-code practices.
Collaborate with Security Operations and Detection Engineering teams to translate detection requirements into optimized platform capabilities.
Mentor and develop team members in Elastic Stack administration and data pipeline engineering.
Evaluate emerging SIEM and log management technologies and provide strategic recommendations for platform evolution.
Define and maintain platform documentation, runbooks, and operational procedures for all SIEM and pipeline components.
Establish and report on SIEM platform performance metrics (ingestion rates, query latency, storage efficiency, pipeline health).
Participate in on-call rotations for SIEM, SOC tools and data pipeline infrastructure, including outside of business hours.
So are YOU our next Principal SIEM Engineer? You are if you have…
5+ years of relevant experience in SIEM platform engineering, Elastic Stack administration, and data pipeline architecture in an enterprise environment.
Experience with deployment and management of security solutions (EDR, SOAR, WAF, email gateway and more).
Extensive experience designing, deploying, and maintaining production Elasticsearch/OpenSearch clusters at scale.
Deep expertise with Elastic Security, Kibana, Logstash, Beats, and Elastic Agent for security monitoring and log management.
Proven experience designing and operating Apache Kafka infrastructure (brokers, ZooKeeper/KRaft, Connect) for high-throughput log streaming.
Experience with NXLog deployment, configuration, and management for enterprise log collection.
Proven track record of designing and implementing data pipeline architectures with focus on reliability, scalability, and minimal data loss.
Strong Linux systems administration skills and experience managing infrastructure in production environments.
Proficiency in scripting languages (Python, Bash) for automation, tooling development, and infrastructure-as-code.
Deep understanding of index lifecycle management, data retention strategies, and storage optimization for large-scale SIEM deployments.
Experience with CI/CD pipelines (GitLab) for detection-as-code and infrastructure automation.
Demonstrated experience mentoring and developing engineering skills across a platform or infrastructure team.
Strong ability to communicate platform architecture decisions and capacity planning to technical and non-technical stakeholders.
Experience with cloud-native infrastructure and container orchestration (GCP, AWS, Docker, Kubernetes).
Brownie points if you have...
Elastic Certified Engineer, Elastic Certified Analyst, Confluent Certified Administrator for Apache Kafka, or similar relevant certifications.
Sounds like you? Click below to apply!
At Questrade Financial Group of Companies, with multiple office locations around the world, we are committed to fostering a diverse, inclusive and accessible work environment. This is an environment where individuals are treated with dignity and respect. Here, the unique skills and experience you bring will be valued. You will be supported and motivated, so that you can harness your unlimited potential. Our team reflects the diversity of the communities we serve and operate in. Having a collaborative and diverse team helps us push boundaries to bring the future of fintech into existence—not only for the benefit of our customers, but for those who build their career with us.
The Questrade Financial Group of Companies' Applicant Tracking System uses artificial intelligence (AI) for application screening. The AI system operates on predetermined criteria, with final decisions subject to human review.
Candidates selected for an interview will be contacted directly. If you require accommodation during the recruitment/selection process, please let us know and we will work with you to meet your needs.