This job board retrieves part of its jobs from: Texas Jobs | Nevada Jobs | Ottawa Jobs

Find jobs in Ottawa today!

To post a job, login or create an account |  Post a Job

  Jobs in Ottawa  

Bringing the best, highest paying job offers near you

previous arrow
next arrow

Expert Network Security Architecture

Canadian National Railway

This is a Contract position in Ottawa, ON posted November 19, 2020.

Job Summary

The purpose of this role is to evaluate network solutions, configurations, and designs against security requirements, and define cybersecurity reference architectures and standards for all network environments at CN.

Main Responsibilities

Network Security Architecture Practice 

  • Put in place the proper sets of network security architecture controls to manage safety and security risk while enabling the business for technology systems such as: service-oriented-architectures; cloud technologies and containers; advanced analytics; AI; Industrial IoT;, networking infrastructure; mobile technologies; etc.
  • Ensure the network security architecture is maintainable, sustainable and properly documented.
  • Maintain and build relevant, current, valid and reliable team knowledge related to network security architecture.
  • Facilitate key decisions involving network architecture and technologies.
  • Advance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
  • Ensure the full documentation of security designs, as built architectures and operational processes through clear diagrams and well-written documents.

Network Security Roadmap and Strategy

  • Collaborate with the CISO, Sr Mgr Network Security Architecture, cybersecurity team, portfolio managers, other architects, and I&T leadership to understand the business direction and consequent impact on the security posture. 
  • Define the proper course of action and investment strategy by building business cases and security roadmaps.
  • Engage the network security vendor ecosystem to understand capabilities and limitations to drive improvements in the security posture of current products, and assist in the selection of the right partners.
  • Continuously monitor and evaluate the environment through self-assessments and independent security reviews. Enable management to identify deficiencies and inefficiencies and to initiate improvement actions though security roadmap and strategies.



  • Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, System Analysis or other relevant field
  • At least one recognized network security certification: e.g. Certified Information Systems Security Professional (CISSP), GIAC Certified Enterprise Defender (GCED), Cisco Certified Internetworking Expert (CCIE) – Security, Palo Alto Networks Certified Network Security Engineer (PCNSE), etc.
  • Architecture related certifications (TOGAF, Zachman, CISSP-ISSAP, etc.) preferred


  • Ability to define and organise an architecture security apparatus in reusable building blocks: patterns, services, components, capability models, etc;
  • Demonstrated capability to understand the security implications of complex business operations and how they are linked to technological solutions that provide practical risk mitigation and business enablement;
  • Strong knowledge of the processes, methodologies, tools and techniques, used for building large information technology systems;
  • Proven experience in applying a structured approach to problem resolution in large, geographically dispersed organizations with 24/7 operations;
  • Strong knowledge of the technologies and architecture principles required to secure complex network environments such as: 802.1X, Cisco ISE, packet capture and analysis, NetFlow, SFlow, NGFW, Zero Trust, VPN, VLANs, IDS, IPS, ACLs, device authentication, network behavior anomaly detection, SOAR, firewall configuration management, DDoS protection, etc;
  • Deep understanding of network protocols and standard approaches for network segmentation.
  • Ability to derive security requirements from vaguely formulated business needs;
  • Ability to interact with a broad cross-section of personnel to explain and enforce security measures
  • Excellent written and verbal communication skills;
  • Detail-oriented self-starter with a high level of commitment and personal motivation;
  • Knack for prioritizing tasks and working in a fast-paced environment;
  • Knowledge of standards, regulations and legislation governing Information Security, e.g. NIST, ISO 27001, OWASP;


  • Minimum 12 years overall IT work experience 
  • Minimum 8 years network security experience 
  • Minimum 5 years experience in network security architecture

Assets (if applicable)

  • Virtual appliance configuration experience
  • Experience with Agile and DevOps methodologies 
  • Knowledge of general IT security architecture and technologies including: service-oriented-architectures, mobile technologies including Mobile Device Management (MDM), data-centric design, advanced analytics, AI, Identity and Access Management (IAM) lifecycles, Digital Forensics, End Point Encryption, Encryption Key Management, Database Security, Enterprise Directory Services, IDS, IPS, Next Generation Firewall, Application Firewall, Enterprise Password Vaults , Cloud SaaS /PaaS/IaaS Security, SIEM, etc.
  • In depth understanding of infrastructure and network architecture and design, LAN/WAN implementation, and Windows/Linux environments
  • Deep knowledge of security foundations: cryptography, Root of Trust, security models, etc. 
  • Railroad, transportation, or Global industrial experience is a significant plus

Working Conditions 

Occasional business travel (Canada and US) in accordance with CN policy 

CN is an employment equity employer and we encourage all qualified candidates to apply. We thank all applicants for their interest, however, only candidates under consideration will be contacted. Please monitor your email on a regular basis, as communication is primarily made through email.