Network Firewall Analyst

Date Posted: 01/07/2025
Req ID: 41177
Faculty/Division: Ofc of the Chief Information Officer
Department: Information Security
Campus: St. George (Downtown Toronto)
Position Number: 00048063

Description:

About us:

The Information Security group, part of the Information Technology Services (ITS), provides expertise and services to protect the University of Toronto’s data and digital infrastructure assets.

Protection is achieved by identifying and reducing risk. Information Security staff engage with academic, research and administrative groups in a number of areas, including assessing the security of new and existing services, working with architects todesign and maintain security in online resources and offering detection and response capabilities to address cyber attacks.

The Information Security group offers a challenging and exciting environment to develop your skills and contribute to increasing the safety and reliability of our digital world.

Your opportunity:

Information Technology Services (ITS) at the University of Toronto is seeking a skilled Network Firewall Analyst to join our team. As a key member of our ITS team, you will play a critical role in protecting the University's digital assets and infrastructure from cyber threats. With over 200 IT professionals working together to provide University-wide IT services and systems, we're committed to maintaining the University's status as Canada's leading institution of learning, discovery, and knowledge creation.

As a Network Firewall Analyst you will monitor and analyze network traffic to identify potential security threats, configure and manage firewalls prevent attacks, and develop and implement automated solutions to streamline security processes. You will also collaborate with cross-functional teams to ensure seamless integration of security measures and stay up-to-date on emerging threats and technologies, providing expert guidance to the team.

Your responsibilities will include:

• Developing, maintaining, and ensuring the security of University networks
• Analyzing, troubleshooting and testing highly complex systems
• Deploy and operate network isolation/firewall services at network perimeters and devices: configure services, develop/install/test/review firewall rules using manual and automated methods
• Integrate firewall instance operations and reporting using firewall automation tools and scripting
• Using security threat detection tools, develop, install and test rules for detecting malware, phishing and other malicious network traffic
• Integrate external security detection and response tools with firewall services, eg. input and act on threat intelligence from MISP sources, output response information to reporting tools using API tools
• Collaborate with information security and IT staff to advise on rule deployment/tuning and metrics reporting

Essential Qualifications:

• Bachelor's Degree or acceptable combination of equivalent experience.
• Minimum five years experience with complex, heterogenous, campus and data centre networks
• Thorough understanding of IP networks including protocols, routing, NAT and other networking technologies
• Demonstrated understanding of critical network support applications like DNS and reverse proxies
• Experience with configuring and troubleshooting network security controls such as network and application firewalls and how to use them to protect against common threats such as SQL injections
• Excellent knowledge of packetcaptures, taking, decoding, and analyzing them with tools like wireshark or tcpdump
• Experience with infrastructure automation tools such as Puppet, Chef, Ansible
• Proficiency with Git for source code and configuration change tracking
• Understanding of continuous integration and deployment principles
• Strong analytical ability, attention to detail and problem solving skills
• Must communicate well both verbally and in writing and be able to explain technical concepts to non-technical personnel
• Ability to work both independently and in a team-oriented, collaborative environment

Assets (Nonessential):

• Basic understanding of web application development, coding languages (e.g., JavaScript, Python), or APIs to better understand how applications interact with WAFs and potential vulnerabilities
• Familiarity with cloud networking, network automation, DevOps and emerging network technologies
• Familiarity with security principles in cloud environments like AWS, Azure, or Google Cloud

To be successful in this role you will be:

• Diligent
• Organized
• Problem solver
• Resourceful
• Self-directed

Closing Date: 01/21/2025, 11:59PM ET
Employee Group: USW 
Appointment Type: Budget - Continuing 
Schedule: Full-Time
Pay Scale Group & Hiring Zone:
USW Pay Band 16 -- $101,539. with an annual step progression to a maximum of $129,851. Pay scale and job class assignment is subject to determination pursuant to the Job Evaluation/Pay Equity Maintenance Protocol. 
Job Category: Information Technology (IT)
Recruiter: Khristen Sivaramalingam

Lived Experience Statement
Candidates who are members of Indigenous, Black, racialized and 2SLGBTQ+ communities, persons with disabilities, and other equity deserving groups are encouraged to apply, and their lived experience shall be taken into consideration as applicable to the posted position.