Infrastructure Analyst (Network Security)

Job Posting Title

Infrastructure Analyst (Network Security)

Job Category

Infrastructure

Language Requirements

English / Anglais

Flexible Work Agreement Type

Hybrid / Hybride

Posting End Date

2026-07-13

Job Grade

PIPSC-3

Pay Range

$111,451 - $140,007

Job Summary

The Infrastructure Analyst plays a key role in protecting, supporting, and enhancing NAV CANADA’s enterprise network security infrastructure to ensure the availability, integrity, and reliability of critical operational systems. Our team works with advanced security technologies, including next-generation firewalls, VPNs, web application firewalls, intrusion detection and prevention systems, and load balancing solutions to safeguard essential services.

As an Infrastructure Analyst, you will handle day-to-day incidents and service requests related to enterprise network security infrastructure, ensuring timely resolution and continuity of services. You will support ongoing infrastructure and security initiatives, including the implementation of changes to firewalls, VPNs, and related security platforms across enterprise environments. In addition, you will monitor and investigate security activity, helping identify and address potential issues to maintain the stability and protection of critical systems.

This role offers the opportunity to enhance and secure infrastructure that is vital to air traffic control operations, while contributing to lifecycle management, continuous improvement, and compliance with NAV CANADA’s security standards.

Job Description

What NAV CANADA offers you:

• Challenging, team-oriented work environment
• Competitive compensation and benefits
• Defined benefit pension plan
• Opportunities for growth and development
• Flexible work arrangements
• Diverse and inclusive workforce

Key Accountabilities

• Configure, maintain, and support network security infrastructure including next-generation firewalls, web application firewalls, VPNs, load balancers, IDS/IPS, and related security systems.
• Implement approved firewall rule changes, NAT configurations, and VPN updates to support IT environments.
• Ensure the ongoing security, availability, and stability of perimeter and internal network security controls.
• Manage day-to-day security operations, including service requests, access changes, and policy updates across enterprise environments.
• Monitor security alerts, logs, and events to detect threats, investigate anomalies, and escalate or respond to security incidents as required.
• Perform troubleshooting and root-cause analysis for network security and connectivity issues to minimize service disruption.
• Maintain perimeter security controls and proactively support remediation of identified vulnerabilities and risks.
• Participate in planned infrastructure and security changes by executing implementation tasks and validating successful deployment.
• Maintain accurate and up-to-date technical documentation, including firewall rules, configurations, procedures, and change records in accordance with security standards and policies.

Job Requirements

Education:

• Degree from a recognized university or community college with an acceptable specialization in computer, electrical engineering, systems engineering, computer science or information systems, or an acceptable combination of other relevant education, experience, and training.

Experience:

• 3+ years of hands-on experience configuring, administering, and supporting enterprise network security platforms, including firewalls, VPNs, IDS/IPS, and NAT policies.
• 3+ years of hands-on experience configuring and supporting enterprise firewall platforms (Check Point, Palo Alto, Fortinet, Cisco) in medium-sized and large-scale enterprise environments.
• 3+ years of experience operating and maintaining security appliances in a day-to-day production environment, including monitoring, troubleshooting, and incident support.
• Recent experience within the last 5 years supporting, maintaining, troubleshooting, and optimizing network security infrastructure in medium-sized and large-scale enterprise environments.
• Experience implementing firewall policies, security rules, network segmentation, and access controls in an IT environment.
• Experience responding to security incidents, investigating network security events, and performing root-cause analysis.

Knowledge:

• Strong understanding of networking fundamentals and network security technologies.
• Experience configuring and managing Next-Generation Firewalls (NGFW), VPN technologies, Web Application Firewalls (WAF), and IDS/IPS solutions.
• Strong knowledge of firewall policy management, NAT (Network Address Translation), routing protocols, access control lists (ACLs), and network traffic flows.
• Knowledge of security zoning and network segmentation practices used to protect critical systems within enterprise or hybrid cloud environments.
• Familiarity with current network security threats, vulnerabilities, and industry best practices.
• Knowledge of ITIL processes and procedures, as well as experience using ITSM tools in an operational support environment.
• Experience reviewing and analyzing security, firewall, and system logs to identify anomalies, suspicious activity, and potential threats.

Abilities:

• Ability to configure, manage, and troubleshoot multiple network security policies and firewall rule sets across complex environments.
• Ability to diagnose and resolve network connectivity, security, VPN, routing, and firewall-related issues to maintain service availability.
• Ability to monitor and enforce network security controls, including firewalls, ACLs, VPNs, and intrusion prevention systems.
• Ability to investigate security incidents, analyze network traffic, and perform root-cause analysis to support remediation efforts.
• Ability to create and maintain network diagrams, technical documentation, and operational procedures.
• Ability to work collaboratively with cross functional teams to support security, compliance, and operational objectives.
• Ability to communicate technical findings, risks, and recommendations clearly to both technical and non-technical stakeholders.
• Ability to proactively identify operational improvements and security enhancements to strengthen network security posture.

Personal Suitability:

• Strong team player, effectively collaborating with cross-functional teams to achieve shared goals.
• Flexible and adaptable, managing shifting priorities and changing demands with a positive attitude.
• Hands-on problem solver, addressing immediate challenges while keeping long-term objectives in mind.
• Proven leader, successfully leading projects, and guiding teams to successful completion.

Working conditions:

• Occasional Travel required.
• On-call maybe required for this position.
• This position is a hybrid position based at Ottawa Technical Systems Centre (TSC) – with a minimum 3 days per week on site.

NAV CANADA is committed to building a skilled, diverse workforce reflective of Canadian society. If you do not believe that you match every job requirement listed on this job posting, we still encourage you to apply. NAV CANADA encourages a culture of learning and growth, and recognizes that although some technical skills are mandatory, many others can be taught.

Our Company strives to create an inclusive and barrier-free selection process and work environment. If you require accommodations during this competition process, please ensure that you inform the interview coordinator or hiring manager of any accommodation measures you may require. NAV CANADA will provide accommodations throughout the recruitment and selection process to applicants with disabilities as required.

The successful candidate must meet the security requirement of the position and be legally able to work in Canada.

We thank all applicants for their interest; only those selected for next steps will be contacted.

-