About CriSys Limited
CriSys Limited develops mission‑critical software and systems for Fire, Police, Ambulance, and Disaster Response agencies. For over 35 years, our platforms have supported emergency communications and operations in more than 100 Canadian municipalities. We build primarily on open‑source technologies and modern Java stacks, with a strong focus on security, compliance, and data protection.
Role overview
We are hiring a System Support Technician to keep our customers’ systems reliable, secure, and compliant. You will deploy and support Linux‑based and cloud‑hosted environments, monitor and troubleshoot our application suite, and work closely with development and project teams on implementations and production issues.
This role blends systems administration, cloud/SaaS support, observability and security tooling, and customer‑facing work in highly regulated public‑safety environments.
Key responsibilities
- Install, configure, monitor, and maintain environments running our application suite on AlmaLinux and Red Hat Enterprise Linux (OpenJDK‑based).
- Support and troubleshoot web applications built with Java, ZK, and JavaScript, collaborating with development teams to diagnose and resolve issues.
- Deploy and support our applications in cloud environments, with a preference for open‑source–friendly providers such as DigitalOcean (e.g., compute, managed databases, networking, firewalls).
- Use CVS, Git, and build tools such as Ant, Maven, and Gradle to deploy builds, validate changes, and assist in investigating defects and performance problems.
- Respond to incidents affecting availability, performance, security, or integrations, participating in an on‑call rotation as required.
- Perform routine administration tasks including OS/app patching, MySQL/MariaDB backup and restore, CUPS printer configuration, and basic office IT support.
- Support Asterisk‑based VoIP deployments (preferably Sangoma platforms).
- Configure and troubleshoot networking and secure connectivity, including:
- IPv4, subnetting, switching and routing basics
- VPNs (ideally Tinc)
- TLS and certificate lifecycle (CSRs, installation, renewal, troubleshooting)
- Firewall rules and access controls; Fortinet experience preferred
- Implement and maintain monitoring, logging, and security tooling, including:
- Prometheus, node_exporter, Alertmanager
- Grafana dashboards
- Zabbix or similar infrastructure monitoring
- Wazuh + OpenSearch, Graylog, Suricata
- Configure and support GeoServer and related GIS components.
- Work with email and identity‑related services, including:
- Basic SASL and SSO concepts and experience working with them in real environments
- Application‑level email integration with Exchange Online (Microsoft 365 Enterprise)
- Administration and troubleshooting of Postfix or similar MTAs on Linux
- Contribute to implementation projects:
- Plan and execute technical tasks according to project timelines
- Support large, time‑dependent cutovers/go‑lives (including rollback planning) in 24/7 environments
- Provide clear technical updates and documentation for stakeholders
- Apply and support policy and compliance requirements, including:
- Respecting Acceptable Use Policies (AUPs) and information‑handling standards for each customer
- Helping ensure that system configurations, logging, access, and data flows align with Canadian digital sovereignty and data residency expectations (e.g., understanding where data is stored, processed, and transmitted)
- Maintain accurate documentation: runbooks, configuration records, deployment procedures, incident reports, and change records.
- Provide professional, calm, solution‑focused support to customers, including in time‑sensitive situations.
- Travel to customer sites (primarily within Ontario, occasionally elsewhere in Canada) for installations, upgrades, and troubleshooting.
Required qualifications and skills
Core competencies
- Strong sense of ownership for reliability, security, and compliance in mission‑critical systems.
- Customer‑focused communication, comfortable working with both technical and non‑technical stakeholders.
- Ability to learn new technologies and domain concepts quickly and independently.
- Structured, analytical approach to troubleshooting and root‑cause analysis.
- Experience working with development and project teams (e.g., following project plans, coordinating changes, participating in releases).
- Able to work effectively in a small team with minimal supervision.
- Excellent written and verbal English.
Technical skills
- Solid Linux administration experience on AlmaLinux and/or RHEL (users, services, logging, storage, package management).
- Experience deploying and supporting Java/OpenJDK applications and reviewing JVM and application logs.
- Familiarity with ZK or similar Java web frameworks and JavaScript in a support context.
- PC hardware build, upgrade, and troubleshooting skills.
- Practical experience with Git (and ideally some exposure to CVS) and Java build tools (Ant, Maven, Gradle).
- Hands‑on experience with at least one cloud platform, ideally DigitalOcean or a similar open‑source–friendly provider (VMs, networking, storage, firewalls).
- Networking and secure connectivity:
- IPv4, subnetting, routing/switching basics
- VPN configuration (Tinc or similar)
- TLS concepts and certificate management
- Firewall and ACL basics; Fortinet experience is an asset
- Security, privacy, and compliance basics:
- Least privilege, hardened configuration, patching and vulnerability mitigation
- Working knowledge of SASL and SSO concepts, and experience collaborating on SSO/email flows (e.g., SAML/OIDC, Exchange Online, Postfix)
- Awareness of Digital Sovereignty and data residency concepts, particularly in a Canadian public‑sector context
- Familiarity with key Canadian standards and frameworks such as PIPEDA, CCSPA (2025), ITSG/ITSP guidance, and Ontario’s Critical Infrastructure Protection requirements, and how they influence system configuration, logging, retention, and access control
- Understanding of and adherence to Acceptable Use Policies and customer‑specific security policies
- Observability and monitoring:
- Metrics with Prometheus/node_exporter/Alertmanager
- Dashboards in Grafana
- Infrastructure monitoring (e.g., Zabbix)
- Log/SIEM stacks such as Wazuh + OpenSearch or Graylog, and NIDS tools like Suricata.
Security, travel and legal
- Valid Ontario driver’s licence and reliable vehicle (mileage reimbursed).
- Valid Canadian passport or ability to obtain one within a reasonable timeframe.
- Bondable for commercial purposes.
- Eligible for a Government of Canada security clearance (e.g., Confidential or Secret).
Preferred (asset) experience
- Sangoma VoIP hardware/software.
- Apache HTTP Server, Nginx, Tomcat, and reverse‑proxy/load‑balancing setups.
- Bash/sh scripting and small automation tools.
- Deeper hands‑on work with Prometheus/Grafana, Wazuh, OpenSearch, Graylog, Suricata, or similar tooling.
- GeoServer, GIS data formats, and mapping.
- Large‑scale, time‑sensitive implementations (e.g., go‑lives for 24/7 or public‑safety environments).
- Familiarity with basic project management practices (Agile, ITIL, or similar).
- Experience integrating with enterprise IdPs using SAML/OIDC SSO, or working on mail/identity flows between on‑prem systems, Postfix, and Exchange Online.
- Knowledge of emergency‑services operations (fire, police, EMS dispatch).
- Spoken French.
What we offer
- Competitive salary based on experience.
- Hybrid work model with flexible hours and work‑from‑home options, subject to operational needs.
- Comprehensive health and dental benefits.
- Generous vacation and paid time‑off.
- A small, collaborative engineering team where your work directly supports public‑safety operations and critical infrastructure.
How to apply
Please email your resume and a brief cover letter explaining how your experience aligns with this role to [email protected].
We thank all applicants for their interest. Only candidates selected for an interview will be contacted. Please do not call or visit the office regarding this posting.
Job Type: Full-time
Pay: $58,000.00-$68,000.00 per year
Benefits:
- Dental care
- Disability insurance
- Employee assistance program
- Extended health care
- Life insurance
- Paid time off
Flexible language requirement:
Ability to commute/relocate:
- Markham, ON L3R 5G1: reliably commute or plan to relocate before starting work (required)
Experience:
- Information security: 2 years (required)
- VPN: 2 years (preferred)
- IT support: 3 years (required)
- VoIP: 2 years (preferred)
- Linux: 4 years (required)
- MySQL: 2 years (preferred)
Language:
Licence/Certification:
- Driving Licence (required)
Work Location: Hybrid remote in Markham, ON L3R 5G1
