Role: Network Security Engineer

Type: Full-time

Location: Montreal, Quebec (Hybrid - 3 days onsite per week)

Job Description:

This position will support the implementation and administration of network security hardware and software, enforcing network security policy. This will include troubleshooting incidents, collaborating with the Security Operations Center, providing escalation support for Level 2 Operations, and providing problem resolution. Support of Firewalls in AWS/Azure cloud and in physical datacenters, Remote Access, and the advancement of security capabilities and concepts are the main focus areas.

Responsibilities:

• Support the refinement of operational procedures.
• Adhere to information security policies.
• Maintain consistent and punctual attendance.
• Analyze and upgrade network security; integrate new security technologies.
• Manage daily operational tasks, including firewall requests and incident responses.
• Design and implement remote access solutions like IPSec and SSL VPNs.
• Offer security advice and contribute to infrastructure decisions, ensuring compliance with security standards.
• Knowledgeable in firewall management (e.g., Palo Alto), network routing/switching, and advanced layer 7 firewall features.
• Regularly evaluate security measures and advocate for progressive global security initiatives.

Requirements:

• 5 years experience in directly related work experience in network security administration\ engineering\ architecture.
• Development experience working with APIs to automate essential firewall tasks using languages such as Python to improve efficiency of day-to-day tasks.
• Experience with firewall assessment and compliance tools such as FireMon or Tufin
• Proven ability to understand and decode network traces and capture files.
• Strong knowledge of network security, Palo Alto firewalls, intrusion detection systems, authentication mechanisms, encryption technologies, and networking protocols including SMTP, HTTP, DNS, TCP/IP, and SNMP.
• Significant experience building, implementing, and administering Palo Alto firewalls both physical and virtual .
• Experience in network segmentation leveraging tools like Guardicore .
• Prior experience implementing complex network security concepts and technologies using (but not limited to):

o Palo Alto Networks Security Certifications (PCNSA/PCNSE)

o Remote Access VPN solutions (e.g. Prisma Access)

o SDN technology – Cisco ACI, Silver Peak

o Guardicore Security Certifications (GCSA/GCSE)

o AWS / Azure Cloud Certifications

o Splunk

o FireMon

• Experience with micro-segmentation concepts leveraging technologies such as Cisco ACI and Palo Alto Next Generation Firewall.
• Experience building and supporting various Palo Alto solutions such as Global Protect, Wildfire, Expedition, etc.
• Experience and deep knowledge of Palo Alto NextGen features and concepts such as UserID, AppID, ContentID, and HIPs.
• Subject matter expert of 2-4 technologies supported by the Network Operations Team and be able to cross-train other team members in these technologies. Examples above.