Job Description

Pathway is hiring a Senior Network Engineer (CCIE or equivalent) in Markham to architect, implement, and optimize multi-site, hybrid (data center + cloud) networks for internal and client environments. You will own HLD/LLD, lead migrations and operations, and partner with security to deliver high-availability, secure, and scalable solutions aligned to business objectives

Type of Position: Permanent Full-time, on-site, five days a week
Availability on call/ after office hours 

Key Responsibilities
Network Engineering

• End-to-end design of resilient LAN/WAN/WLAN/SD-WAN/data center and hybrid cloud interconnects (hub-and-spoke, EVPN/VXLAN, IPv6, QoS, multicast where applicable).
• HLD/LLD ownership: diagrams, BoM, IP plans, routing policies, config standards/runbooks.
• Implementation & migrations: plan and execute greenfield builds, cutovers, upgrades with rollback plans.
• Routing & switching: expert policy design/troubleshooting for BGP/OSPF/IS-IS, ECMP, VRFs, ACLs, L2/L3 segmentation.
• Wireless: enterprise WLAN planning/optimization (surveys, RF design, 802.1X).
• Cloud networking (Azure-first): vNet/vWAN designs, Private Link/Endpoints, Route Server, ExpressRoute, Azure Firewall/WAF/App Gateway, Bastion; on-prem to cloud connectivity and segmentation.
• Observability & SRE: SNMPv3, NetFlow/IPFIX/sFlow, streaming telemetry, syslog; SLI/SLO dashboards; capacity planning and performance tuning.

Security Engineering & Compliance

• Network security controls: NGFW/IPS, WAF, DDoS, VPN/ZTNA, micro-segmentation (ACLs/VRFs/host-based), secure web/DNS.
• Access & segmentation: 802.1X/NAC and posture checks; privileged access boundaries; PKI/cert lifecycle for network services.
• Zero-Trust & SASE: identity-aware access, secure edge, policy-as-code; align with SOC/SIEM for telemetry (flows, DNS, firewall).
• Compliance & RCA: map controls to ISO 27001/SOC 2/HIPAA/PHIPA as applicable; lead RCAs and maintain hardening baselines.

Consulting, Ownership & Collaboration

• Translate business requirements into clear designs and options; present to stakeholders and obtain sign-off.
• Keep diagrams, inventories, as-builts, and runbooks current.
• Partner with PMO/operations to meet SLAs/OLAs; participate in escalation rota and maintenance windows.
• Mentor engineers; review changes for quality/risk.

Required Qualifications

• Certification: CCIE (any track) or equivalent expert-level certification (e.g., Fortinet NSE 7/8, Palo Alto PCNSE, Juniper JNCIE), or demonstrable expert-level experience.
• Experience: 8+ years in network engineering with 3+ years leading complex, multi-site or multi-tenant designs/migrations.
• Deep expertise in routing/switching (BGP, OSPF/IS-IS, MPLS/EVPN, QoS) and enterprise WLAN.
• Hands-on with network security (NGFW/IPS, VPN/ZTNA, NAC/802.1X, segmentation) and integrating logs with SIEM.
• Cloud networking: experience with Microsoft Azure (vNet/vWAN, ExpressRoute, Private Link, Azure Firewall/WAF/App Gateway); familiarity with other clouds is a plus.
• Excellent client-facing communication and documentation (HLD/LLD/runbooks/change notes).

Preferred Skills

• MSP/consulting background with multi-tenant operations and SLA ownership.
• Fortinet ecosystem: FortiGate, FortiManager, FortiAnalyzer, SD-WAN, IPsec/SSL VPN, ZTNA, EMS, FortiNAC, WLAN/AP/switch integration.
• Cisco ecosystem: Catalyst/Nexus, SDA/ACI, SD-WAN (Viptela), ISE/802.1X, ASA/FTD, Meraki switching/Wi-Fi/SD-WAN.
• Azure security integrations: Defender for Cloud, Sentinel, Azure Monitor/Log Analytics, NSGs/ASGs, Policy.
• Packet capture & protocol analysis: expert with Wireshark (display filters, TLS/SSL, TCP retransmits/latency, VoIP/RTP, 802.11), plus tcpdump, dumpcap, and (nice-to-have) CloudShark/Zeek.
• ITIL change/problem; disciplined incident and post-incident processes.
• EVPN/VXLAN leaf-spine, service-mesh; observability (Prometheus/Grafana) and capacity modeling.
• Familiarity with SASE/SD-WAN/ZTNA patterns across multiple vendors (e.g., Palo Alto, Check Point, Zscaler, Cloudflare, Aruba/Juniper/Arista).

Job Tags

Permanent employment, Full time, Work at office, Rotating shift,

Similar Jobs