Title : Network Security (L3)

Role : Mississauga (Hybrid)

Position: Full Time

Required Skills, Experience and Qualifications:

Key Skills:

• Firewalls : Checkpoint, Fortinet, Palo Alto, Cisco. NAC - Aruba ClearPass, Cisco ISE. NAC - Aruba ClearPass
• WAF - Radware, F5, Netscalar, Azure etc.
• Manage day-to-day Operations according to customer environment

Organizational Functions:

• Develop and implement network security architecture, policies, and procedures to protect against threats.
• Should be able to provide L3 level support on critical/Outage situation and drive end to end until the resolution.
• Good understanding of network protocols (HTTP, HTTPS, DNS, TCP/IP).
• Should have Strong expertise in:
• Implementing and maintaining Checkpoint firewall and associated software module (VPN, URL Filtering, IPS etc.) infrastructure.
• Should have good working experience on checkpoint VPN (S2S & Remote access).
• Deep understanding of Cloudflare content delivery network (CDN) and security solutions, including web application firewalls (WAF), bot management, and DDoS protection.
• Deep understanding of RADIUS, TACACS+, 802.1X, EAP methods, and networking protocols.
• Installation and configuration of ClearPass Policy Manager (CPPM), including profiling, onboarding, and guest services.
• Resolve complex authentication failures, latency issues, and TACACS+ service issues.
• Proficiency with Zscaler tools (ZIA, ZPA, ZDX), packet capture analysis, and scripting languages (Python, PowerShell) for automation.
• Design, implement, and tune ZIA/ZPA policies for roaming, branch, and third-party users, utilizing Zscaler's cloud security concepts.
• Resolve complex L2/L3 issues related to user connectivity, authentication (SAML, SCIM, Azure AD), and access flows.
• Deep understanding of Zero Trust Network Access (ZTNA), Firewalls, and IPSec/SSL VPNs.
• Experience on maintaining any email security gateway platforms to optimize filtering.
• Experience on Investigation, quarantine, and remediation of malicious, suspicious, or spoofed emails.
• Design, build, and maintain scalable infrastructure to analyze email patterns and detect anomalies in real-time with the help of Abnormal AI tool.
• Create and maintain comprehensive documentation related to network security infrastructure and procedures following the NIST and CIS standards.
• Identify the in-efficiencies in the operations and identify potential solutions to improve efficiency.
• Own and drive improvements in the areas of Operations, technology, Advisory and customer satisfaction.
• Stay up to date on emerging security threats, technologies, and industry trends.
• Manage and mentor a team of network security engineers and analysts.
• One should identify possible automation capabilities, their execution
• within the network security products and processes, and deliver across multiple customer environments.
• Should be cross-skilled across multiple technologies covering products like Firewalls, Web-Proxies, as well as cloud security products (AWS, Azure, GCP etc.)
• Should prepare weekly and monthly performance reports across multiple customer environments (people, technologies, Process Gaps, Risk, RAG status etc.)
• Should be able to conduct internal training to address the skill gap as well as motivate the team to do technical certifications.

Core Functions:

• Focus on technologies and bring automation capabilities.
• Regular reporting on the state of the customer delivery.
• Maintain KPIs for the teams and report on Service Improvement Areas to senior management
• Identify risks and maintain compliance with submission of client-facing reports.
• Focus on industry-based practices and configuration and guide the team to follow the same.

Individual Performance Measurement Criteria:

• Bring quality in service delivery and work on cross killing people to increase productivity.
• Quality and effectiveness in communications and engagement with stakeholders.
• Low / Zero Escalation from the customers
• Driving Innovation to improve Service standards & Quality.

Technical Skills:

Proficiency Level:

Understanding of the different security technologies, Experience in deploying, configuring and troubleshooting of

• Firewalls (Checkpoint)
• NAC – Aruba Clearpass
• Web application Firewall – Cloudflare
• Web-Proxy -Zscaler (ZIA/ZPA/ZDX)
• Email Security – Abnormal AI
• Load balancer – F5 BIG-IP

Experience in different Information Security Processes.

• Security Change Management
• Rule Base Reviews & Optimization
• Security Incident Management (Standard & Critical)
• Understanding of different Security Architectures.

Communication and Organizational skills:

• Good command of the English language, with excellent written and verbal skills.
• Proactive in communication and appropriate selection of audience according to topic.
• Highly organized and capable of tracking a variety of tasks to closure.
• Good time management principles and effective in prioritizing workloads.

Cultural Requirements:

• Works collaboratively with other teams and builds positive working relationships
• Able to learn quickly and apply common sense to new situations, but understand when it is appropriate to engage others for advice
• Open and transparent style and approach when working with other
• Places a significant level of importance on personal & team development and understanding then improving upon weakness
• Accepting feedback from managers, peers, and clients regarding work performance
• Utilizes a goal-oriented approach, which drives self-improvement both personally and professionally and drives the teams.
• Takes the initiative to work on tasks outside of his or her immediate scope of responsibility and encourages others to do so.

Experience Required:

• Minimum overall experience of 8-12 years
• Minimum of 8 years’ experience in Information Security
• Minimum of 6 years’ experience in running a Security Operations Center for a large organization.

Certifications Required:

• Industry-recognized certifications such as CCSA/CCSE, CCIE, or equivalent is highly desirable.