Network Systems Specialist

City of Kitchener View all jobs

  • Kitchener, ON
  • $98,049-122,561 per year
  • Permanent
  • Full-time
  • 6 days ago
This website uses cookies to offer you a better browsing experience and personalized content. By continuing to use this website, you are consenting to the use of cookies. Modify Cookie PreferencesAccept All CookiesSearch JobsSearch JobsJob DescriptionNetwork Systems SpecialistEmployment Type: Regular Full TimeHours of Work: 35Job location: City HallPay: $98,049 To $122,561 AnnualGrade/Band: 10Job Posting Start Date: 4/9/26Job Posting End Date: 4/30/26Job Description:OverviewAs a Network Systems Specialist, you will design, implement, secure, and operate the City's enterprise network with a strong focus on next-generation firewalls and network security. You'll engineer and administer enterprise firewall platforms from major vendors and advance segmentation, VPN, and secure connectivity across data centers, remote sites, and cloud/hybrid environments. You will also be responsible for core switching and wireless across leading enterprise platforms, collaborating closely with Cybersecurity to maintain a security-first posture. Participation in an on-call rotation is required.ResponsibilitiesNetwork Security & Firewall Operations
  • Experience administering and deploying enterprise NGFW platforms (e.g. Palo Alto, Cisco, Fortinet, Check Point).
  • Configure and maintain policy lifecycle (e.g., NAT, security rulesets, IPS/IDS, URL filtering, threat prevention) aligned to industry best practices.
  • Perform policy reviews, risk assessments, upgrades, and posture optimization, maintaining standards and hardening baselines.
  • Design and operate segmentation, secure interconnects, and VPN solutions (site-to-site and remote access) to meet availability, performance, and security objectives.
  • Exercises sound judgement when implementing network changes, assessing risk, and responding to incidents to minimize service disruption and security exposure.
Network Design & Implementation
  • Design and implement LAN/WAN/Hybrid architecture, VLANs, and routing; experience with OSPF/BGP preferred.
  • Implement VPN solutions using IPSEC/IKE protocols (site-to-site and remote access), RADIUS integration and secure remote connectivity.
  • Deploy and support client-based VPN platforms such as Palo Alto GlobalProtect, Cisco AnyConnect, FortiClient, Aruba VIA, and other enterprise-grade secure access solutions.
  • Lead or support complex network upgrades, including modernization of legacy stacks.
Switching, Wireless & Edge
  • Administer, configure, and support enterprise wired/wireless infrastructure across leading vendor platforms (e.g., Cisco, cloud-managed solutions, HPE/Aruba).
  • Manage stacking, racking/cabling, AP placement, controllers, and site turn-ups, validating power, rack layout, cable management, and labeling standards.
Monitoring, Incident Response & Operations
  • Proactively monitor network performance, availability, and capacity, troubleshoot and resolve network-related security incidents in partnership with cybersecurity.
  • Experience with monitoring tools (e.g. SolarWinds, Auvik, LogicMonitor).
  • Experience with tools such as Wireshark to perform packets analysis.
  • Participate in an on-call rotation and support after-hours maintenance windows as required.
Standards, Documentation & Collaboration
  • Maintain as-built documentation, diagrams and SOPs, contribute to security standards and control implementation.
  • Maintain Visio/Draw diagrams and contribute to network standards and runbooks.
  • Collaborate with internal IT teams and vendor partners to validate designs, integrate solutions, and resolve complex issues.
  • Participates in the evaluation of network technologies and vendor solutions, providing technical input to support procurement and purchasing decisions.
  • Performs other related duties as assigned.
Education
  • 3-year Degree or Diploma in a related field (Computer Science, Engineering, or related technical discipline).
Experience
  • Minimum 2 years of experience including:
  • Enterprise network experience across multi-site environments including hands-on administration of next-generation firewalls.
  • Implementing and operating NGFWs with at least two major vendors (e.g., Palo Alto Networks, Cisco, Check Point, Fortinet) in production.
  • Demonstrated experience with enterprise switching and wireless (e.g., Cisco, cloud-managed solutions, HPE/Aruba)
  • Leading or contributing to network migrations/upgrades and security hardening initiatives.
  • Managing Hybrid infrastructure including Azure, AWS, Google Cloud etc.
Skill Equivalency (if applicable)Note: All interested applicants are encouraged to apply. In the event there is no successful applicant with the stated level of education and experience, other applicants will be considered if a combination of their education and experience meets the following pre-determined equivalency:
  • 2-Year Diploma (or 2-Year Specialized Post Secondary Program) with minimum 4 years' related and relevant experience or 4-Year Honours Degree with minimum 1 year related and relevant experience
Additional Requirements
  • Frequent after-hours work is required.
  • Ability to work an on-call rotation.
  • Valid MTO G class driver's license in good standing and ability to travel to various city locations.
Knowledge, Skills, and Abilities
  • Strong troubleshooting skills and the ability to diagnose complex, cross-domain issues.
  • Ability to mentor team members and share knowledge.
  • Excellent technical documentation and communication skills, able to collaborate with technical and non-technical stakeholders.
  • Strong written and verbal communication skills.
  • Security-first mindset with proven ability to balance risk, usability and operational efficiency.
  • Demonstrates professionalism, discretion and the ability to work effectively in a collaborative municipal environment.
  • Ability to perform hands-on work in data centers, communications closets, and City facilities, including occasional lifting and on-site troubleshooting.
  • Exposure to OSPF/BGP, VPNs, RADIUS, TCP/IP, DNS, DHCP, and LAN/WAN architecture.
  • Working knowledge of Windows Server/Linux, Active Directory, DNS/DHCP, and cloud networking (e.g. Azure) is an asset.
  • Reliable with a good attitude and employment record.
Department: COR-Corporate Services DepartmentDivision: COR-Technology Innovation and Services DivisionUnion Code: Non Union, ManagementReq Id: 802Job Code: 0106Number of Openings: 1Department: COR-Corporate Services DepartmentUnion Code: Non Union, ManagementReq Id: 802Job Code: 0106Number of Openings: 1© 2025 City of Kitchener | 200 King Street West, Kitchener, Ontario | Telephone: 519-741-2345: TTY: 1-866-969-9994×Cookie Consent ManagerWhen you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. Because we respect your right to privacy, you can choose not to allow some types of cookies. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.Required CookiesThese cookies are required to use this website and can't be turned off.Show More DetailsRequired Cookies Provider Description Enabled
SAP as service providerWe use the following session cookies, which are all required to enable the website to function:
  • "route" is used for session stickiness
  • "careerSiteCompanyId" is used to send the request to the correct data center
  • "JSESSIONID" is placed on the visitor's device during the session so the server can identify the visitor
  • "Load balancer cookie" (actual cookie name may vary) prevents a visitor from bouncing from one instance to another

City of Kitchener

Similar Jobs

  • IT Support Specialist

    Communitech

    • Kitchener, ON
    • $30.00-35.00 per hour
    IT Support Specialist (Part-Time) Communitech helps tech companies start, grow, and succeed in Waterloo Region. We’re building a tech ecosystem that’s proudly local, globally a…
    • 7 days ago