Senior Network Security Design Specialist

Company Description

ADGA Group is a proudly Canadian-owned and operated defence and security technology company. Our core services include value-added program management, agile software engineering development, and integrated security solutions. As an industry partner to the Canadian Government and Canadian Armed Forces (CAF) for decades, ADGA is actively supporting ongoing and emerging requirements for operational readiness, reconstitution, and modernization. 

For decades, we have recruited veterans to integrate their unique skillsets and highly specialized training into our workforce and work culture. At ADGA, we are united by our social purpose to create meaningful employment opportunities for veterans of the CAF and RCMP, their families, and fellow citizens who share a passion to contribute to the security and well-being of Canadians.

ADGA’s social purpose empowers us to reinvest in our employees (e.g. profit-sharing and employee-centric programs) as well as to donate generously to veteran and military family causes in our community (e.g. Soldier On and Veterans’ House).

Join our team at ADGA, where we prioritize your success by fostering internal movement and growth in a safe, inclusive and agile work environment. We offer a wide variety of career and developmental opportunities, including the option to work on different projects and technologies, on-the-job training, cross-training, access to business and technical online courses, and formal education subsidies.

Job Description

ADGA is hiring a full-time Senior Network Security Design Specialist to work on the Data Center Security Engineering within our Networks and Security Branch. The Senior Network Security Design Specialist will contribute to the planning, designing, testing and implementing infrastructure security solutions.

The Senior Network Security Design Specialist will be responsible for:

• Providing infrastructure security engineering and integration services to projects, including planning, designing, building and deploying a Web Application Firewall (WAF) solution in a complex enterprise infrastructure.
• Knowledge in Intrusion detection and prevention on services related to Data Center Security Engineering (Network zoning and segmentation).
• Creating and maintaining documentation. (system configurations, system designs, service artifacts, etc.)
• Knowledge of industry product feature sets/architectures from major vendors of Web Application Firewall solutions.
• Deep understanding of the application layer and the functionalities and the integration with Web Application Firewall solutions.
• Gathering appropriate requirements and working with various clients and stakeholders.
• Providing technical advice in support of procurement of infrastructure security solutions.
• Representing the work unit in working groups, project meetings and joint design sessions.
• Providing advice, guidance and recommendations to management.
• Applying defined engineering and integration processes, best practices and standards to ensure consistent designs.
• Reviewing, analyzing, and/or applying: Architectural methods, frameworks, and models such as TOGAF, US government FEAP, Canadian government BTEP and GSRM, Zachman, UMM
• Reviewing, analyzing, and/or applying a broad range of security technologies including multiple types of systems and applications architectures, and multiple hardware and software platforms, including:
  • Directory Standards such as X.400, X.500, and SMTP
  • Operating Systems such as MS, Unix, Linux, and Novell
  • Networking Protocols (for example, HTTP, FTP, Telnet)
  • Network routers, multiplexers and switches
  • Domain Name Services (DNS) and Network Time Protocols (NTP)
• Reviewing, analyzing, and/or applying secure IT architectures, standards, communications, and security protocols such as IPSec, SSL, SSH, S-MIME, HTTPS
• Reviewing, analyzing, and/or applying IT Security protocols at all layers of the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) stacks
• Reviewing, analyzing, and/or applying the significance and implications of market and technology trends in order to apply them within architecture roadmaps and solution designs. (examples: web services security, incident management, identity management)
• Reviewing, analyzing, and/or applying Best practices and standards related to the concept of network zoning and defence in-depth principles
• Reviewing, analyzing, and/or applying IT Security protocols at all layers of the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) stacks
• Analyzing IT Security statistics, tools and techniques
• Analyzing security data and provide advisories and reports
• Preparing technical reports such as requirement analysis, options analysis, technical architecture documents, mathematical risk modelling
• Briefing senior managers
• Providing security architecture design and engineering support
• Conducting data security designation/classification studies
• Preparing tailored IT Security alerts and advisories from open and closed sources Complete tasks directly supporting the departmental IT Security and Cyber Protection Program.
• Developing and delivering training material.

Qualifications

1. A minimum of a three year college diploma(computer science or other IT related field; OR
   a university degree at the Bachelor level in Information Technology or other IT related field; OR
   A minimum of LEVEL years (in the last 15 years) work experience in the IT field.
2. 10 + years of experience performing tasks similar to those listed in the Job Description
3. A minimum of five (5) years within the last eight (8) years of experience fulfilling the role of an IT Security Design Specialist (Architect) in a Federal Government of Canada department considered part of the Public Safety Portfolio or Security and Intelligence Portfolio.
4. Must have a minimum five (5) years within the past eight (8) years architecting IT security solutions to meet client requirements including gathering business and functional requirements and developing and presenting solutions to meet those requirements.
5. Must have three (3) years of experience within the last five (5) years architecting and providing solutions for Secret and Below Interoperability (SABI).
6. Must have experience within the past five (5) years preparing private sector, government departments and agencies for certification to ITSG-33 or NIST-800-53.
7. Must have experience within the past five (5) years performing design and architecture for cross-domain solutions within the private sector, government departments or agencies.

Must have experience within the past five (5) years perform design and architecture with data diodes or cyber tap within the private sector, government departments or agencies.

Additional Information

Work-Life Balance  

We strongly support a healthy and productive work-life balance. This starts with a flexible approach to work, and policies designed to support employees through their day-to-day routines and major life events. For example, we offer a Maternity/Parental Top-Up (up to 52 weeks) and a Reservist Leave Top-Up (up to 180 days). 

Belong@ADGA  

ADGA continuously strives to integrate advanced Diversity, Equity & Inclusion (DEI) approaches and practices into our work culture. Our employee-based DEI Committee explores activities and invites discussions that foster an environment where all employees feel valued, respected, and heard.

Compensation  

Above and beyond our commitment to offer a competitive base salary, ADGA has a company-wide profit-sharing plan for all full-time and part-time employees.

Comprehensive Benefits and Total Rewards  

We offer a comprehensive benefit program, providing employees with the choice between base or enhanced plans. Depending on the plan, ADGA pays for Health & Dental, a Health Spending Account, Short-Term Disability, an Employee Assistance Program, and a Telemedicine service. Also offered: discounts on gym memberships, 5,000+ perks through Perkoplis, a Deferred Profit Sharing Plan, and access to a wide range of other employee-centric services and savings programs.