Job Information

Find More Jobs

Director, Network Security Architecture


Waterloo, ON, CANADA
Share This Job:

Why join us?


Working at Sun Life Financial

Because you want a career where your talents are recognized and you're challenged to do your best, every day.

Why join Sun Life Financial? The reasons are as diverse as the people who work here.

  • Unlimited opportunity
  • Ongoing professional development
  • Dynamic work enviroment
  • Competitive salary, benefits and incentives
  • Global opportunities
  • Strong and supportive leadership
  • Flexible work arrangements
  • Employee fitness and wellness programs

You want to be engaged and passionate about what you do every day. You want to build a career with a company that does good work and accomplishes great things - a company that will give you every opportunity to be, and do, your best.

At Sun Life Financial, our people make the difference. We have a stake in your success and career satisfaction. Our goal is to attract and keep the best people in the industry.

If you want to join a leading, international financial services company, and you want to innovate, inspire and be inspired, look at what Sun Life Financial has to offer.

Embark on a bright future with Sun Life Financial

At Sun Life Financial, we work together, share common values and encourage growth and achievement. Join our talented diverse workforce and launch a rewarding career.

The Opportunity


Role Summary:
The Director of Network Security Architecture operates under the general direction of the AVP, Enterprise Network Services & Global Service Delivery and has primary responsibility for all of the security aspects surrounding the architecture, design, implementation and operation of Sun Life's network infrastructure globally.  This position contributes to Sun Life's operations and business objectives through the direct improvement of security practices within Enterprise Network Services.
Main Accountabilities:


The Director of Network Security Architecture provides leadership and in-depth technical expertise in developing and executing the Network Security strategy for Sun Life. This position defines the strategic framework for delivering a secure trust model enabled by the network fabric that improves Sun Life's security posture globally. Collaborating with many areas, this role develops and implements strategic initiatives and provides proactive advice with respect to securing the various client and server platforms we support. The Director of Network Security Architecture must be business-minded and focused on secure enablement of profit activities for Sun Life, architecting solutions that improve the ability of the organization to protect the confidentiality, availability and integrity of its information assets.

This Architect will collaborate with fellow Enterprise Architects responsible for various technologies to produce coherent technology strategies and deliver durable reference architectures.  This Architect will also lead the development of standards and reference architectures in the Network Services space, and have Subject Matter Expert (SME) level knowledge of security tools, trends, methodologies, and best practices for securing platforms and operating systems at the endpoint (server, workstations, handheld) and enterprise network level.  A thorough and current understanding of a wide range of threat vectors and their potential exploits against systems, network and their controlling software platforms is required. SME level knowledge of encryption and recovery best practices, two-factor authentication methods, and remote and guest access controls is required. With solid all-around Directory Services experience gained in Enterprise environments, the Director of Network Security Architecture has a critical role to play in helping define and validate related security standards, patterns and practices.
Chief among the many duties and responsibilities required of the Director of Network Security Architecture are:
  • Development and maintenance of the network security architecture, technology patterns  and roadmap priority used in the delivery of Enterprise Network services
  • Enforcement of  network security architecture and best practices design, implementation and operations standards
  • Development and evolution of the network trust model and standards (wired and wireless network, mobile, Cloud, network virtualization, etc.)
  • Assessment of proposed application and/or infrastructure design specifications to ensure alignment with documented security architecture, standards, patterns and industry best practice
  • Verification of delivered technical solutions against previously approved specifications
  • Architecture and design walkthrough with other architects and product stewards to effectively apply security principles as part of the design process, approving security configuration and installation of the overall solution
  • Determine security requirements by evaluating business strategies and  needs; researching information security standards; studying architecture/platform; identifying integration issues; preparing cost estimates and business cases
  • Maintain constant visibility of market technology and user trends, and influences vendors' roadmaps to prioritize features important to Sun Life's strategic objectives
  • Partner with Engineering, Operations, and Service Delivery workgroups for knowledge transfer on new technologies and to ensure successful and secure implementation of strategic projects
  • Represent WCT security concerns at Information Security forums and in development of standards and architectural patterns
  • Provide leadership participation in Major Incident Management calls
Work Experience:
  • Minimum of 10 years of progressive networking technology experience is required
  • Minimum of  3 years of experience as a security architect or principle engineer, focused on network security in a large enterprise is required
  • Bachelor of Science degree is required
  • Top-level IT industry security certifications such as CISSP are required
  • Vendor security certifications (CCNA, CCNP, CCIE) or equivalent work experience is required
  • MCSE or higher is required
  • Working knowledge of TOGAF or other architecture methodology is preferred
Product experience:
  • Cisco Switches & Routers in a large data center environments - Required
  • F5 Load Balancers, Checkpoint Firewall, Cisco ISE, Aruba Clearpass, Splunk, QRadar - Desired
  • Expert experience with Directory Services technologies (HW, OS, Application Integration, Meta-Directories)
  • Deep understanding of Microsoft PKI & Active Directory design integration, consolidation and management best practices
  • Experience with Identity and Access Management Solutions
  • Experience with Lotus Notes, Microsoft Exchange and IM
  • Deep understanding of various authentication patterns and practices across multiple devices, platforms and form factors
Technologies and configuration pattern knowledge:
  • Deep knowledge OSI layers 1-7, 802.1x is required
  • SME level knowledge of the available tools and best practices for securing common Infrastructure Services such as DNS, DHCP, Active Directory, Group Policy, PKI, Lync/OCS, Email, etc. is required
  • SME level knowledge of the best practices for securing virtualized environments built on various hypervisors (Oracle, VMWare, Microsoft, Citrix), and methods for ensuring data protection using both public and private cloud environments is required
  • Demonstrated knowledge of  MPLS, DWDM, SONET, VLAN, BGP, OSPF, HSRP, SIP, IPS/IDS
  • Extensive experience white boarding complex technical concepts both with technical peers and for educating less technical audiences is required
  • Extensive experience producing detailed and professional technical documents describing standards, architectures, or designs is required
  • Substantial experience participating in compliance audits, responding to their findings, and architecting to their frameworks is required
  • Substantial experience evaluating new technologies and validating reference topologies in a lab environment is required
  • Ability to de-construct and understand complex multi-tiered applications
  • Thorough understanding of cloud based authentication methodologiesCommunications
  • Zero trust and layered threat prevention models 
  • Superior written and verbal communication skills
  • Strong interpersonal skills and ability to work well with other teams, remaining professional, positive and patient at all times
  • Ability to effectively interact with and communicate at all levels with our business partners and senior leadership
  • Leadership and management skills demonstrating integrity and professionalism with an ability to develop close relationships with team members in several locations globally
  • Excellent analytical abilities and innovative problem-solving skills
  • Advanced reasoning skills with the ability to define problems, evaluate trends in analytical data, establish facts, and draw supportable valid conclusions
  • Demonstrated relationship management skills with an established track record of maintaining positive business relationships
  • Excellent understanding of ITIL v3 process framework
  • Detail oriented and committed to meeting deadlines
  • Must be flexible, dependable and able to multi-task
  • Stay calm in high risk, high pressure situations
  • Thrive in a fast-paced environment
  • Ability to travel regularly between Waterloo & North York facilities 

Location of this position can be Waterloo or Toronto Office.  

Enterprise Services, Working better together.
Our teams are dedicated to providing the services and technology our business partners need to help customers achieve lifetime financial security. Through innovation and collaboration, we're striving to continually find new and better ways to bring value to Sun Life. Enterprise Services has employees in Canada, Ireland, the U.S. and Asia.   We partner closely with groups and individuals throughout Sun Life Financial to provide products and services that deliver business value.
We thank all applicants for showing an interest in this position. Only those selected for an interview will be contacted.

Unposting Date

: Sep 2, 2014, 11:59:00 PM


:  IT - Application Development

Share This Job: