In this role, you will design, build and maintain on-premise data ingestion and processing pipelines that feed a SIEM platform used for real-time security monitoring and analytics. You'll take responsibility for ensuring critical log sources are reliably parsed, normalised and enriched, enabling high-quality data to support operational and security decision-making. Working alongside security, operations and infrastructure teams, you'll onboard new data sources, improve existing pipelines and help shape standards across the platform.
You will also contribute to the long-term robustness and performance of the data platform by documenting designs, improving data flows and supporting operational teams through clear runbooks and shared knowledge.
Key responsibilities include:
Design & build Logstash pipelines for ingesting data into Elasticsearch
Develop & manage Apache NiFi flows for routing, transformation and enrichment
Parse & transform diverse log formats including JSON, CEF, Syslog and Avro
Develop & optimise Python scripts for enrichment, automation and alerting
Collaborate & support security and IT teams to onboard new log sources
Document & maintain pipeline designs, data standards and operational runbooks
Requirements
You will be an experienced data engineer with a strong background in log ingestion, data processing and analytics within secure or enterprise environments. You should be comfortable taking ownership of complex data flows, communicating clearly with stakeholders, and continuously improving how data platforms operate., * 3+ years' experience in data engineering or a related development role
Proven hands-on experience with Elastic SIEM (Elasticsearch, Logstash, Kibana)
Strong experience working with log formats such as JSON, CEF, Syslog and Avro
Proficiency in designing and optimising data flows in large-scale environments
Strong Python skills for data processing, enrichment and automation
Ability to prioritise work independently and contribute proactively
Willingness to obtain, or hold, MOD high-level security clearance
Desirable experience:
Experience with Apache NiFi data flow design and management
Knowledge of containerisation tools such as Kubernetes
Experience scaling and tuning Elasticsearch clusters
Familiarity with Windows event logging and syslog collectors
Good understanding of Linux system administration and network protocols
#LI-SB2
Benefits & conditions
CGI was recognised in the Sunday Times Best Places to Work List 2025 and has been named a UK 'Best Employer' by the Financial Times. We offer a competitive salary, excellent pension, private healthcare, plus a share scheme (3.5% + 3.5% matching) which makes you a CGI Partner not just an employee. We are committed to inclusivity, building a genuinely diverse community of tech talent and inspiring everyone to pursue careers in our sector, including our Armed Forces, and are proud to hold a Gold Award in recognition of our support of the Armed Forces Corporate Covenant. Join us and you'll be part of an open, friendly community of experts. We'll train and support you in taking your career wherever you want it to go.
Due to the secure nature of the programme, you will need to hold UK Security Clearance or be eligible to go through this clearance. This position requires 5 days on site working in Chippenham.
About the company
At CGI, you'll help protect critical systems by designing and operating data pipelines that enable real-time security insight across complex defence environments. Working on a secure programme, you'll take ownership of on-premise data ingestion and processing solutions that underpin a SIEM platform built on the Elastic Stack. You'll collaborate closely with security and infrastructure specialists, apply creative problem-solving to diverse log sources, and continuously improve how data is captured, enriched and analysed. Supported by experienced colleagues and trusted to make meaningful technical decisions, you'll deliver resilient, high-impact solutions that directly contribute to national security outcomes., Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction.
Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team-one of the largest IT and business consulting services firms in the world.
Discover CGI
London, England, United Kingdom
> 1000 employees
IT services
We are a global business with 91,500 professionals across hundreds of locations worldwide, providing end-to-end IT and business process services that drive our clients' businesses. In the UK alone, we have around 6,000 member-partners working across 19 towns and cities, doing everything from writing complex code to designing sophisticated software solutions. The work we do powers some of the most ambitious projects that touch the lives of many. Our approach sets us apart, characterised by our proximity model, international presence, expertise, and operational excellence. We organise our operations within metro markets where our clients have concentrated footprints, empowering our local teams to build trusted, in-person relationships. As you build your career here, you'll develop your skills, share your insights, and work side-by-side with colleagues and clients on innovative solutions that address the most complex issues. Our commitment to ownership, flexibility, and
being approachable makes us easy to do business with. Join us, and together, as owners, let's turn meaningful insights into action to meet the needs and balance the interests of our clients, shareholders, communities, and each other. Benefits: - Insurance coverage - Medical benefits - Pension plan - Member Assistant Programme - Check4Cancer - Flexible time off - Share Purchase Plan - Member discounts - Dental benefits - Vision benefits - Profit Participation Plan - Health and Wellbeing Programme
Apply for this position
Good distractions
Talks and stories from around this role — technically off-topic, practically not.
Moments
03:24 MIN
Navigating the career transition from engineering to security
Security Blindspots and How to Learn About Them - Anna Oliveira
02:37 MIN
Managing incidents and projects for banking clients
Fireside Chat with Lea
01:16 MIN
Transitioning from a developer to a security role
Secure Code Superstars: Empowering Developers and Surpassing Security Challenges Together
06:23 MIN
Explaining security protocols and career opportunities
Remote Driving on Plant Grounds with State-of-the-Art Cloud Technologies
00:34 MIN
From computer science student to crypto software engineer
Coffee with Developers - Jonathan Tang
03:15 MIN
The new AI engineer role and the RAG pipeline
Chatbots are going to destroy infrastructures and your cloud bills
04:05 MIN
Sharing platform architecture learnings and hiring opportunities
Coffee with Developers - Maria Apazoglou
03:18 MIN
The role of security in specialized vehicle projects
