1. Home
  2. Lead Cloud Network Security Specialist – Azure, Edge & Hybrid Connectivity

Offers “CGI”

New
CGI

Lead Cloud Network Security Specialist – Azure, Edge & Hybrid Connectivity

  • Montréal, CANADA
Apply Now

Job description

Position Description:

Missions
We are looking for a hands-on Lead Cloud Network Specialist to design, implement, secure, and automate network, egress, and edge services on Azure. The ideal candidate will have strong hands-on expertise in core networking, with solid foundational knowledge in networking and security, and proven experience in Azure networking services, hybrid connectivity, network security, and performance optimization.
You will leverage strong Cisco routing, switching, and security expertise as a foundation to manage routing (Cisco) and Azure network services (including Azure Firewall). Responsibilities include optimizing Azure CDN and Azure Front Door, securing web access through Squid and Skyhigh Secure Web Gateway/Proxy, managing allow/deny lists, and handling operational lifecycle tasks such as TLS certificate renewals and image upgrades for network/security appliances.
You will codify infrastructure using Terraform, ensuring resilient, observable, and compliant operations. You will also implement monitoring and alerting frameworks and enforce Azure Policy and governance standards.
Profile
Mandatory Skills
-Squid Proxy
-Azure Front Door
-Azure CDN
-Azure Firewall
-Terraform (Infrastructure as Code)
-Cisco Routing & Switching
-Secondary Skills
-Network security expertise
-Web Application Firewall (WAF)
-Fortinet
-CheckPoint
Key Responsibilities
Architecture and Design
-Design cloud and hybrid network topologies (hub-and-spoke, vWAN), IP addressing schemes, UDRs/route tables, and peering aligned with zero-trust principles
-Design and support hybrid/cloud architectures using Cisco routing (BGP, OSPF, route redistribution, ECMP, VRFs)
-Define ingress/egress patterns using Azure Firewall, NSGs, and route control
-Build and maintain Azure networking components: VNets, subnets, NSGs/ASGs, route tables, Private Links, Load Balancers, ExpressRoute/SD-WAN
-Architect Azure Front Door (global load balancing, routing, health probes, origin groups, custom domains)
-Optimize Azure CDN caching strategies (TTL, compression, rules engine)
-Establish secure internet access using Skyhigh Secure Web Gateway (SSL inspection, policies, PAC files, exceptions)
Implementation and Operations
-Configure advanced Cisco routing (BGP, OSPF, filtering, ECMP) across hybrid environments
-Deploy and manage Azure Firewall (policies, DNAT/SNAT, Threat Intelligence, IDPS, TLS inspection) with logging integration
-Build Azure Front Door endpoints, routing rules, and CDN integrations
-Implement and manage Squid Proxy and Skyhigh SWG (SSL inspection, filtering, caching, ACLs, PAC files)
-Design and manage VNets, subnets, NSGs, and route tables
-Implement application delivery services (Traffic Manager, Load Balancer, Application Gateway)
-Configure VPN Gateways, ExpressRoute, and Azure Virtual WAN
-Troubleshoot connectivity, routing, and latency issues
-Manage DNS zones, Private Endpoints, and network peering
-Monitor performance using Azure Monitor, Network Watcher, and Traffic Analytics
-Collaborate with architecture, security, and DevOps teams
-Ensure compliance with security standards and zero-trust segmentation
-Participate in incident response and root-cause analysis
Operational Governance
-Manage allow/deny lists (URLs, FQDNs, IPs) across Firewall, SWG, and WAF with audit controls
-Own TLS certificate lifecycle (inventory, renewal, rotation, deployment)
-Plan and execute image/AMI upgrades for firewalls, proxies, and appliances (testing, rollout, rollback)
-Troubleshoot L3–L7 issues using packet capture, logs, and monitoring tools
Automation and Infrastructure as Code
-Develop Terraform modules for Azure networking components (VNets, Firewall, Front Door, CDN, etc.)
-Implement CI/CD pipelines (Azure DevOps/GitHub Actions) with validation, policy enforcement, and drift detection
-Script automation (PowerShell, Python, Bash) for network updates, certificate management, and compliance
-Integrate observability tools (Azure Monitor, Log Analytics, Sentinel, Splunk, Grafana) with defined SLOs
Governance, Security and Compliance
-Enforce baseline configurations, RBAC, secrets management, and change control (ITIL)
-Drive vulnerability remediation and support penetration testing activities
-Maintain documentation (runbooks, diagrams, inventories)
-Provide L3 support and knowledge transfer .

      CGI provides a reasonable estimate of the salary range for this position. This range is determined based on various factors, including skill level, geographic market, experience, education, as well as professional licenses and certifications. Compensation decisions are made on a case-by-case basis, a reasonable estimate for the salary range of this position is between $60,000 and $115,000. This position is currently open.

Bilingualism (French and English) is required for this position due to the nature of the role requiring interaction with national and global clients.

Skills:

·  English
·  French
·  Infrastructure as a Code
·  PowerShell
·  PowerShell
·  Python

What you can expect from us:

Together, as owners, let’s turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.

Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

At CGI, we value the strength that diversity brings and are committed to fostering a workplace where everyone belongs. We collaborate with our clients to build more inclusive communities and empower all CGI partners to thrive. As an equal-opportunity employer, being able to perform your best during the recruitment process is important to us. If you require an accommodation, please inform your recruiter.

To learn more about accessibility at CGI, contact us via email . Please note that this email is strictly for accessibility requests and cannot be used for application status inquiries.

Come join our team—one of the largest IT and business consulting services firms in the world.

Make every future a success.
  • Job directory
  • Business directory
    •