Network LAN/Security Specialist
Our client in the public sector is currently undergoing multiple communication and distribution infrastructure improvement and upgrade projects at various Water facilities to bring the components to current industry standards, such as TW Data Center architecture design Upgrade, network equipment replacement life cycle projects and several network security upgrades. This Network Systems & Security Specialist will apply the knowledge and skills to provide guidance on these projects. The resource will be involved in various activities in these projects from site requirements gathering, planning, design, implementation, testing, commissioning, to audit of standards and maintain documentations
The primary responsibility of the Specialist shall be to provide support to the network equipment replacement projects, wastewater collections system network upgrades, network and security policy planning and documentation, control systems security policy planning and documentation, and control system security firewall/IPS upgrades; ensuring timelines are met and work being performed are meeting specified standards.
Duties
Reporting to the Sr. Systems Infrastructure Specialist, the Network and Security Specialist will provide technical guidance in the areas of routing, switching, firewall/IPS, network and control systems security, Splunk SEIM, WAN, mobility and wireless LAN. The candidate will execute the following
Operations
- Assist in development of business and technical requirements
- Assist in the development of network planning
- Assist in configuration and connectivity activities including test planning and cutover activities. Accountable to Management to ensure project commitments and deliverables are met.
- Perform ongoing network performance analysis to proactively manage network operations
- Provide recommendations regarding the improvements to network operations, project planning, and project implementation
- Perform ongoing and proactive assessments of the networks’ health
- Assist in developing capability to identify traffic patterns and behavioural trends of potential malicious wireless network traffic
- Develop, integrate and execute test plans for wireless assessments including scripts for automation.
- Perform assessments of Wireless LAN (WLAN) networks employing advanced security
- Stays abreast with new technology offerings and best practices as it relates to WiFi, and apply knowledge to recommend enhancements to existing wireless Networks
- Perform operational support for complex, wireless network deployments. Identify and document design/architecture best practices for adoption
- Perform installation, configuration, administration, and support of Solarwinds NPM, Splunk Network Management, analysis system Firepower, ISE, and Prime.
- Provide recommendations regarding the improvements to network operations, project planning, and project implementation
- Perform ongoing and proactive assessments of the networks’ health
Documentation
- Authors and maintains network documentation, including but not limited to standards, processes, security, topology, and inventory, to ensure high quality service and support on an ongoing basis
Projects and Planning
- Perform architectural planning and design, as well as configuration and integration support within project delivery and ongoing consultative engagements.
- Participate in or lead complex network design, performance engineering or problem resolution projects. Plan and lead broad-scope network projects, ensuring their timely and successful completion
- Gather, analyze, and evaluate business requirements and constraints, evaluate existing conditions, develop technical requirements, develop design document and drawings, develop implementation plan and configuration sets, develop verification/testing plan, create/update as-built network drawings.
- Prepare and submit budgetary figures and business case analysis leading to funding and implementation of enhancements to network systems
- Perform field verification, installation of network equipment and commissioning.
- Develop and document network architecture standards and strategies to promote the long-term stability, efficiency, and effectiveness of the Water facilities network with a focus on network and Critical infrastructure.
- Prepare network design reports and technical memo’s as required
- Provide technical guidance and expertise with the development of requirements for network performance monitoring tools, WLAN, WWAN, Unified Communications, and Firewall/IPS, SIEM and Cisco network equipment.
- Review and provide recommendation for VPLS and IPVPN WAN design.
- Prepare network design reports and technical memo’s as required.
- Continuously monitor, design, develop, and implement Cyber security position/posture to protect ICS infrastructure relating to Water/Wastewater.
Administration
- Represents Organization section in interactions with Water facilities.
- Performs related duties as required or assigned.
Travel
- The candidate will be required to travel within the GTA
Health & Safety
- The Candidate will be required to provide their own PPE (Personal Protective Equipment), including but not limited to hard hats, safety shoes, ear protection, vests, safety glasses.
Tools
- The candidate will be required to provide their own tools, including but not limited to wireless survey equipment, drill, screwdriver sets, etc. to perform their duties
Experience and Qualifications
- Post secondary education in computer science, information technology, or related discipline.
- Experience within a (ICS) Industrial Control Systems environment within the manufacturing or Water/Wastewater Treatment sectors.
- Cisco Certified Network Professional or Cisco Certified Internetwork Expert is a must have.
- Minimum of 10 years Cisco Enterprise design, configuration, implementation, and testing experience in Data Centre and Compass networks
- Experience designing, testing, implementing, supporting and documenting Cisco Identity Services Engine for Device Management and Network Access Control
- Experience with the planning, design and implementation of Cisco UCS and Nexus platforms
- Experience with industrial control systems network and security policy planning, development, documentation and implementation.
- Experience or certifications in Cyber Security (CISSP, CCNA-CyberOps, CCNP Security).
Must Have’s Qualification Requirements- | Must provide proof | |
Must have Cisco Certified Interrnetwork Expert (CCIE) in good standing. (The proponents must provide access to the candidates certification from the Cisco Certifications Tracking System) | ||
Must have a minimum of one of the following valid designations Certified Wireless Network Professional CWNP Certifications, Certified Wireless Design Professional CWDP, Certified Wireless Security Professional CWSP, or Certified Wireless Network Expert CWNE in good standing. | ||
Must have a minimum of one of the following valid designations Cisco Certified internetwork Expert security (CCIE Security) Cisco Certified Network Professional Security (CCNP Security), Cisco Certified Internetwork Expert (CCIE R&S), Cisco Certified Internetwork Expert (CCIE Wireless) and/or/preferred ISC2 Certified Information Systems Security Professional CISSP in good standing. | ||
Must possess a valid Province of Ontario Class “G” Driver’s and have access to a vehicle. Proponents must submit a copy of the Candidate’s driver’s license along with the submission. |
Technical Capabilities:
- Extensive knowledge in networking concepts, technologies, and protocols, including but not limited to routing protocols (OSPF, EIGRP, BGP), transport protocols (TCP/IP and UDP/IP), multi-access network (Ethernet), Spanning Tree, VLAN’s, VLAN trunking, EtherChannel, NAT, IPSec, GETVPN, SNMP, VSS, 802.1x, SSH, ACL, HSRP, NTP, QoS/CoS, Radius/TACACS+, ACI
- Knowledge and experience of WAN and WWAN technologies; specifically, TLS, VPLS, MPLS, private line, HSPA/HSPA+,Multisite ACI, SDN
- Knowledge and experience in enterprise networking including but not limited to data centre infrastructure, routing, switching, security, unified communications, mobility, wireless LAN and its implication and importance on business decisions is essential. Technologies to include VXLAN for Data Centre Disaster Recovery design.
- Experience with network planning, design, technology integration, implementation, and support of Cisco ASA/FP Firewall Active/Active or Active/Standby, IPS, and Firepower Management Center.
- Extensive knowledge of Splunk SEIM and other cyber security tools as related to Network Security and Critical infrastructure.
- Knowledge and experience with planning, installation, configuration, testing of Cisco Prime Element Management System and Network Monitoring system.
- Knowledge and demonstrated experience with Cisco products such as Cisco Catalyst 9×00, IE-3/4000 switches; Cisco, ISR and ASR series routers; Fire Power series , Virtual Switching System; and Complete Nexus Product line, Cisco ACI Architecture and Cisco DNA.
- Experience with developing technical requirements, design document and drawings, implementation plan, configuration sets, and verification/testing plan.
References:
A minimum of two (2) and up to three (3) client references of the Network Systems & Security Specialist who can attest to the reliability and the quality of the services provided, in each case include the following:
- Client organization’s name
- Contact person and title
- Brief description of the client’s relevant project (timelines, duration and services provided)
- Roles and responsibilities on the project
- Similarity of that project to the Assignment Duties
- Address, telephone number, e-mail should also be provided if available
The City may contact the references provided. Should any reference fail to confirm that the services listed in Section 3.0 were performed in a satisfactory manner; the Candidate may be declared non-compliant, and not considered for the remainder of the evaluation process.
4. Deliverables
- Prepare Request for Proposal, Request for Quotation as required
- Review RFP/RFQ questions and prepare RFP/RFQ responses
- Respond to Request for Information documentation as required
- Authors network design reports and technical memo as required
- Authors and maintains network documentation, including but not limited to standards, processes, security, topology, and inventory, to ensure high quality service and support on an ongoing basis
- Plan and lead broad-scope network projects, ensuring their timely and successful completion
- Gather, analyze, and evaluate business requirements and constraints, evaluate existing conditions, develop technical requirements, develop design document and drawings, develop implementation plan and configuration sets, develop verification/testing plan, create/update as-built network drawings.
- Prepare and submit budgetary figures and business case analysis leading to funding and implementation of enhancements to network systems
- Develop and documents network architecture standards and strategies to promote the long-term stability, efficiency, and effectiveness of company’s network systems.
- Review and provide recommendation for IPVPN WAN design.
- Review and provide recommendation for DR site network services design.
- Develop Operational technology security safeguards including Data Diodes and network segregation/segmentation.
The pay range that the employer reasonably expects to pay for this position is between CA$75.00 and CA$100.00
Our voluntary benefits offering includes medical, dental, vision and retirement benefits.
Applications will be accepted on an ongoing basis.
Tundra Technical Solutions would like to thank you for the interest you have demonstrated in this opportunity. However, only candidates with the required skills will be contacted.
Tundra Technical Solutions is an Equal Opportunity/Affirmative Action Employer. We welcome and encourage diversity in our workplace.
Not interested in this position, but know somebody who might be? Check out our Referral Reward Program, referrals are a big secret behind our success. As always, we’re on the lookout for great people. And we know that you know great people!
Tundra Technical Solutions is among North America’s leading providers of Information Technology and Engineering staffing and consulting services. Our success and our clients’ success are built on a foundation of service excellence. Rather than continually trying to sell to new clients and companies and simply filling databases with candidates, we focus on developing stronger relationships and deeper knowledge of our existing clients’ challenges and opportunities.
Open ears. Open minds. Open futures