Role: Senior Network Specialist

Location: Montréal

Work schedule: 37,5

Work mode: Ability to work onsite at least 3-4 days per week is required

As a Network Cybersecurity Specialist, your key tasks will include supporting major changes to our network topology, with a focus on the implementation of a Secure Access Service Edge (SASE) platform. You will work closely with the cybersecurity team to translate security requirements into actionable network designs, ensuring alignment with vendor guidance and industry-recognized best practices to deliver a secure and future-ready infrastructure.

SASE & SD-WAN Implementation Expertise

§ Expertise with Prisma SD-WAN and experience with major migrations, including both design and implementation of Prisma Access solutions

§ Proven experience deploying Palo Alto Prisma SD-WAN and Prisma Access in hybrid environments (cloud and on-prem).

§ Ability to design and implement redundant, scalable SD-WAN architectures with performance tuning for peak periods and future growth

§ Familiarity with Strata Cloud Manager for centralized policy enforcement, logging, and visibility

Security Requirements Translation

§ Collaborate with cybersecurity teams to define and document security requirements per user, device, and service, evolving over time

§ Apply role-based access control (RBAC) and network segmentation strategies using Prisma’s native capabilities

ZTNA & Zero Trust Readiness

§ Understand Zero Trust principles and how to phase out legacy VPNs in favor of ZTNA within SASE/SSE frameworks

§ Plan for secure access to private applications using identity- and context-aware policies, leveraging Prisma Access and endpoint agents

Cloud & Remote Access Security

§ Experience with GlobalProtect and CASB/DLP integration for securing mobile and remote users

§ Knowledge of traffic inspection, malware scanning, and data loss prevention across SaaS and private applications

Operational Integration & Visibility

§ Ability to integrate SASE with existing tools like Cisco ISE, Active Directory, and SIEM platforms (e.g., Splunk)

§ Awareness of traffic visibility challenges in SASE environments and familiarity with solutions like Gigamon Cloud Broker or packet replication to cloud storage

Strategic Planning & Roadmap

§ Participate in long-term planning for network evolution, including ZTNA adoption timelines, DMZ decommissioning, and cloud migration strategies

§ Contribute to RFP development, vendor evaluations, and pilot testing of SASE/SD-WAN solutions

Requirements and qualifications

Education

• Bachelor’s degree in Computer Science, Information Security, Network Engineering, or a related field.
• A Master’s degree in Cybersecurity or Network Architecture is a plus, especially for senior or strategic roles.
• 5–7 years of experience in network engineering or cybersecurity roles.
• At least 2–3 years of hands-on experience with:

- SASE and SD-WAN deployments

- ZTNA planning or implementation

- Cloud-based security platforms, ideally Palo Alto Prisma Access and Prisma SD-WAN

Deep understanding of:

- Network security architecture and segmentation

- Secure remote access and VPN alternatives

- Zero Trust principles and identity-based access control

- Cloud networking and hybrid environments

Familiarity with:

- Policy enforcement, traffic steering, and centralized management (e.g., Strata Cloud Manager)

- Integration with identity providers (e.g., Azure AD, Okta)

- Logging, monitoring, and SIEM integration

Desired, but not required:

Holding a recognized certification such as one of these is considered an asset: PCNSE – Palo Alto Networks Certified Network Security Engineer, Cisco Certified CyberOps Associate or CCNP Security, CompTIA Security+ or other Cybersecurity certifications relevant to the role.