Network Security Engineer

About GHS

GlassHouse Systems (GHS) is an enterprise systems, and managed services solutions provider that develops, designs and deploys solutions for leading enterprises in Canada and the US.

For almost 30 years, GHS has delivered an enterprise-level of service and support to clients. Recognized with industry-leading awards each year, GHS translates this differentiation into positive client experiences.

We are looking for a Network Security Engineer to join our Toronto office. This is a full-time hybrid position.

As a Network Security Engineer, you will be working under the direction of the Network Security Manager to implement and support a wide variety of network and security technologies.

This will include participating in the design, deployment, configuration and troubleshooting of Network Security technologies such as Firewalls, IPS / IDS, NAC solutions and more.

What you'll do :

• Strong knowledge in installing, configuring, and managing the Palo alto, Cisco Firepower, FortiGate and Juniper vSRX Firewalls.
• Expert knowledge of TCP / IP, VLANs, Layer 3 switching, ACL's, Spanning Tree (MST / PVST), CatOS / IOS / NX-OS
• Strong working level knowledge of IP Networking. Routing protocols (OSPF, BGP), Segment Routing, QoS, IP VPN, VPLS, EVPN, VxLAN, NAT, etc.
• Experience with route / policy-based VPNs in multi-vendor environments (IPSEC, DMVPN, etc.).
• Experience in SDWAN deployment (implementation and troubleshooting)
• Experience using network analysis, diagnose problems, and determining traffic patterns.
• Experience with Palo Alto firewalls, App-ID, user-ID, content-ID and Global Protect
• In-depth understanding on IPsec VPNs, Global Protect VPNs, Security Profiles, Firewall implementation
• Experience in troubleshooting cloud network and security infrastructure solutions, including hybrid cloud connectivity, firewalls, load balancers, IPSEC VPN, etc.
• Demonstrated experience and success Engineering and Deploying LAN, WAN, Network Security etc.
• Experience in troubleshooting, isolate and correct service-affecting issues on the network in areas including but not limited to : routing protocols, routers, switches, firewall administration, MPLS, BGP, VPN, load balancing.
• Hands on knowledge and implementing network security in a hybrid cloud context, Cyber Security and Compliance engagements.
• Experience in building, interconnecting, and supporting networks with one of the cloud providers - Regions and Availability Zones.

Including working knowledge and hands-on experience of VPC connectivity, Transit Gateway, Direct link / connect methodologies.

• Perform infrastructure maintenance and upgrades to client environments.
• Incident management during critical events that impact the network, including internal and external communications, team coordination of repair and then root cause analysis efforts.
• Create and review the documentation of the current Cloud Network Architecture and developing Network solutions to enhance existing services.
• Perform technical assessments using industry standard toolsets for network, server, and security architectures.
• Communicate effectively with internal and external audiences with varying levels of technical expertise.
• Participate in the on-call rotation and be able to respond to critical or high severity alerts after hours and follow documented steps to address such issues.
• Participate with on demand after hours change implementation for new initiatives and or in support of incident management.

What you'll need :

• Bachelor's degree or equivalent
• Must have 5+ year experience working in large enterprises implementing hybrid cloud connectivity and enterprise security needs in the network context.
• Extensive support of Routing Protocols / Technologies such BGP, OSPF, MPLS VPN, Multicast.
• Demonstrated experience in LAN / WAN, MPLS, QoS, multicast and core networking discipline, including advance routing protocols like BGP and OSPF
• Experience with technologies such as : Palo Alto, FortiGate, Cisco Firepower and Juniper vSRX
• Ability to perform TCP / IP Network traces / packet captures with solid experience interpreting results.
• Ability to analyze packet captures using Wireshark and other related technologies.
• Experience with Firewall environments, IDS / IPS, NAC Management, SD-WAN, VPN, Firewalls, etc.
• Vendor certification
• Cisco (CCNA , CCNP)
• Palo Alto (PCNSA / PCNSE)
• Fortinet (FCA, FCP)
• Juniper (JNCIA-SEC)
• Excellent oral and written communication skills

Nice to Have :

• Experience in IT and Data Centre infrastructure strategies, solutions, and concepts
• Knowledge of Virtualization techniques (VMWare, Hyper-V)
• High Availability Technologies : HSRP, VRRP, MLAG, VSS, VPC
• Scripting Languages : Python
• Advanced Configuration of Juniper vSRX Firewall
• Strong troubleshooting experience
• Experience in ITSM ticketing tool Service Now

Personal Attributes :

• Excellent verbal and written communications skills
• Strong team player and enjoys working in a fast-paced team atmosphere
• Ability to manage priorities, commitments and projects
• Must be able to grasp highly technical concepts quickly
• Passionate about cybersecurity concepts and technologies

What you'll get : Competitive salary

Competitive salary

Health benefits (medical, vision, dental)

Life insurance

Pension plan

Professional development

Amazing company culture

Free parking

Gym on-site

Join a team of professionals led by a diverse set of leaders from across the industry.

GlassHouse Systems commitment :

We believe that a diverse team is the key to innovation and growth. We are an equal opportunity employer that values diversity at our company and encourages all candidates to apply.

We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

GlassHouse Systems Inc. ( GHS ) welcomes and encourages applications from persons with disabilities. Reasonable accommodations are available on request for candidates taking part in all aspects of the recruitment process.

Please contact Einat Levi-Israeli at elevis @ghsystems.com should you require any accommodation if you are selected for an interview or require an accessible format of the job posting or any communications from GHS.

Please note that all candidates have to be legally eligible to work in their location.

Any offer of employment will be conditional upon a criminal record check.

GlassHouse Systems thanks all candidates for their interest, however only those selected to continue in the process will be contacted.

Recognize Yourself Here? Let's Talk!