Apply on Kit Job: kitjob.ca/job/2frx8l

Choose a workplace that empowers your impact.

Join a global workplace where employees thrive. One that embraces diversity of thought, expertise and experience. A place where you can personalize your employee journey to be – and deliver – your best. We are a purpose-driven, dynamic and sustainable pension plan. An industry leading global investor with teams in Toronto to London, New York, Singapore, Sydney and other major cities across North America and Europe. We embody the values of our 665,000 members, placing their best interests at the heart of everything we do. Join us to accelerate your growth & development, prioritize wellness, build connections, and support the communities where we live and work. Don’t just work anywhere — come build tomorrow together with us.

Know someone at OMERS or Oxford Properties?

Great! If you're referred, have them submit your name through Workday first. Then, watch for a unique link in your email to apply.

Core Responsibilities

Palo Alto Firewall (Primary Skill)

- End to end ownership of Palo Alto firewalls (physical & virtual), managed via Panorama, including operations, engineering, upgrades, refreshes, and migrations
- Design, implement, and maintain firewall policies, NAT, routing, VPNs, and traffic flows using Panorama based centralized management
- Strong hands‑on expertise with Palo Alto security profiles, including Antivirus, Antispyware, Vulnerability Protection, URL Filtering, File Blocking, Wildfire, DoS Protection, and Security Profile Groups, with experience tuning and optimizing policies
- Troubleshoot complex firewall and connectivity issues across on prem and cloud environments using Panorama and device level analysis

Security Policy Management & Automation

- Hands‑on experience with security policy management and automation platforms, with AlgoSec preferred
- Perform firewall change automation, policy analysis, and governance using enterprise security policy management tools
- Support policy optimization, cleanup,



and recertification to reduce risk and improve firewall posture
- Conduct risk analysis and rule impact assessments as part of change and compliance processes
- Experience with equivalent platforms such as Tufin, FireMon, or similar tools is acceptable

Cloud Networking & Security

- Strong understanding of multi cloud networking principles
- Hands‑on experience with Azure networking, including VNETs, NSGs, UDRs, routing, and hybrid connectivity
- Working knowledge of Azure application security, including: Azure WAF (OWASP rule sets, exclusions, WAF log analysis), Application Gateway, and Front Door
- Understanding of GCP networking and security, including VPCs and Cloud Armor

Security Operations

- Monitor firewall health, logs, and alerts, support security incident response
- Maintain change records and compliance documentation
- Collaborate with SecOps and Cyber teams on investigations and remediation

Required Experience

- 5+ years of hands‑on experience with Palo Alto Networks firewalls, covering operations, engineering, upgrades/refreshes, Panorama administration, and implementation of security profiles
- Hands‑on experience with firewall security policy management and automation platforms, with AlgoSec strongly preferred; experience with Tufin, FireMon, or similar tools is acceptable
- Working knowledge of Azure Web Application Firewall (WAF), including OWASP rule sets, managing exclusions, and WAF log analysis
- Experience supporting cloud networking and security in Azure and/or GCP
- Solid network security fundamentals, including routing, security controls, and enterprise traffic flows




- Ability to work independently in an operational and engineering environment

Preferred Certifications

- Palo Alto Networks (PCNSE / NSE / NSA)
- AlgoSec (AFA / AFF Expert)
- Azure Network Engineer Associate (or equivalent)

We believe that time together in the office is important for OMERS and Oxford, the strength of our employees, and the work we do for our pension members. In delivering on our pension promise, keeping us connected to our work and each other, our flexible hybrid work guideline requires teams to come in to the office 4 days per week.

This posting is for an existing vacancy.

The expected salary range for this position is $86,000.00 - $130,000.00 per year, prorated based on the term of the contract.

You may also be eligible to receive an annual Incentive Award pursuant to our Short-term Incentive plan and our Long-Term Incentive plan (if applicable), and to participate in our group benefits and retirement plans – details on these elements of compensation are included within OMERS & Oxford offer letters.

As one of Canada’s largest defined benefit pension plans, our people-first culture is at its best when our workforce reflects the communities where we live and work — and the members we proudly serve. From hire to retire, we are an equal opportunity employer committed to an inclusive, barrier-free recruitment and selection process that extends all the way through your employee experience. This sense of belonging and connection is cultivated up, down and across our global organization thanks to our vast network of Employee Resource Groups with executive leader sponsorship, our committee and employee recognition programs.

Artificial intelligence (AI) tools are used to support certain stages of the OMERS recruitment process. While AI assists us in our process, human judgment and decision-making remain central to our candidate experience.

#J-18808-Ljbffr

Apply on Kit Job: kitjob.ca/job/2frx8l

📌 Senior Network Security Engineer (15 Months Contract) (Toronto)
🏢 OMERS
📍 Toronto