Network Security Architect

About Kinaxis

Elevate your career journey by embracing a new challenge with Kinaxis. We are experts in tech, but it's really our people who give us passion to always seek ways to do things better. As such, we're serious about your career growth and professional development, because People matter at Kinaxis.  

In 1984, we started out as a team of three engineers. Today, we have grown to become a global organization with over 2000 employees around the world, with a brand-new HQ based in Kanata North in Ottawa. As one of Canada's Top Employers, we are proud to work with our customers and employees towards solving some of the biggest challenges facing supply chains today.

At Kinaxis, we power the world's supply chains to help preserve the planet's resources and enrich the human experience. As a global leader in end-to-end supply chain management, we enable supply chain excellence for all industries, with more than 40,000 users in over 100 countries. We are expanding our team as we continue to innovate and revolutionize how we support our customers.

Location

Ottawa - Hybrid

Other Canadian locations - Remote

About The Role

The Network Security Architect is responsible for designing, implementing and maintaining robust security frameworks to safeguard our enterprise infrastructure. The ideal candidate will possess deep expertise in network security protocols, encryption technologies, advanced threat detection and prevention systems, coupled with a proven track record of architecting secure, scalable network environments. They will bring a strategic mindset to anticipate and mitigate evolving cyber threats, ensuring the integrity, confidentiality, and availability of critical networks, systems and data.

As the Network Security Architect, you will design resilient network defenses, oversee the implementation of security policies, drive compliance with industry standards, conduct risk assessments, in collaboration with other stakeholders, playing a critical role in protecting the organization from internal and external threats.

What you will do

• Design and implement secure network architectures for hybrid multi-cloud environments (e.g., AWS, Azure, GCP, and on-premises infrastructure).
• Develop, implement, and enforce network security policies, standards, and procedures to ensure a secure and compliant network environment.
• Leverage Network Security Assurance technologies to conduct regular assessment of the network architecture and firewall configurations to identify vulnerabilities, misconfigurations, and compliance gaps.
• Oversee and secure public DNS infrastructure, ensuring availability, integrity, and performance while mitigating DNS-based threats like DDoS attacks.
• Design, deploy, and manage Web Application Firewalls to protect web applications from threats. Optimize WAF rules, monitor performance, and respond to incidents.
• Manage Public Key Infrastructure, including certificate lifecycle management, issuance, and revocation; certificate authorities, digital certificates, and key management processes, maintain compliance with industry standards and best practices for PKI operations.
• Conduct security assessments to identify and remediate risks in a hybrid multi-cloud environment.
• Collaborate with incident response teams to investigate and mitigate security incidents, providing expertise in network and cloud security.
• Ensure compliance with industry standards and perform risk assessments to align security practices with business objectives.
• Maintain comprehensive documentation of security configurations, policies, and procedures. Create and maintain detailed network security diagrams.
  
  

What we are looking for

Primary Skills And Qualifications

• Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
• 7+ years of experience in network security, with at least 3 years in a security architect role with a focus on network assurance, PKI systems and DNS security.
• CISSP, ISSAP, CCNP Security, Comptia Cloud+/Security +/CASP+ certifications preferred.
• Demonstrates agility and resiliency in managing workloads.
• Excellent problem-solving and analytical skills with attention to detail.
• Strong communication skills to articulate complex security concepts to technical and non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced environment.
  
  

Role Specific Skills And Experience

• Proven expertise in managing Firewalls and Network Security Policy management tools (e.g. Algosec, Firemon etc.).
• Deep understanding of network protocols, encryption, VPNs, IDS/IPS, and load balancers.
• Experience with zero-trust architecture and micro-segmentation.
• Strong knowledge and extensive experience in PKI management, including certificate authorities and encryption protocols, automation, and leveraging PKI tools and certificate management platforms.
• Proven expertise in deploying and managing WAF solutions (Akamai, Cloud Amour etc.)
• Hands-on experience with public DNS management (e.g., Route 53, Cloudflare DNS, or BIND).
• Familiarity with Information Security and Governance industry standards/best practices and relevant regulations (e.g., SSAE16, ISO
• Familiarity with scripting/automation tools (e.g., Python, Bash, Terraform) for security orchestration are preferred.
• Knowledge of DevSecOps practices and tools (e.g. CI/CD pipelines, container security) are an advantage.
• Proficiency with cloud platforms (AWS, Azure, GCP) security services and hybrid network environments.
• Knowledge of advanced threat detection and response tools.
  
  

#Senior

Work With Impact: Our platform directly helps companies power the world's supply chains. We see the results of what we do out in the world every day—when we see store shelves stocked, when medications are available for our loved ones, and so much more.

Work with Fortune 500 Brands: Companies across industries trust us to help them take control of their integrated business planning and digital supply chain. Some of our customers include Lockheed Martin, Yamaha, P&G, Honda, and more.

Social Responsibility at Kinaxis: Our Diversity, Equity, and Inclusion Committee weighs in on hiring practices, talent assessment training materials, and mandatory training on unconscious bias and inclusion fundamentals. Sustainability is key to what we do and we're committed to net-zero operations strategy for the long term. We are involved in our communities and support causes where we can make the most impact.

People matter at Kinaxis and these are some of the perks and benefits we created for our team:

• Flexible vacation and Kinaxis Days (company-wide day off on the last Friday of every month)
• Flexible work options
• Physical and mental well-being programs
• Regularly scheduled virtual fitness classes
• Mentorship programs and training and career development
• Recognition programs and referral rewards
• Hackathons
  
  

Kinaxis welcomes candidates to apply to our inclusive community. We provide accommodations upon request to ensure fairness and accessibility throughout our recruitment process for all candidates, including those with specific needs or disabilities. If you require an accommodation, please reach out to us at Please note that this contact information is strictly for accessibility requests and cannot be used to inquire about application statuses.

Kinaxis is committed to ensuring a fair and transparent recruitment process. We use artificial intelligence (AI) tools in the initial step of the recruitment process to compare submitted resumes against the job description, to identify candidates whose education, experience and skills most closely match the requirements of the role. After the initial screening, all subsequent decisions regarding your application, including final selection, are made by our human recruitment team. AI does not make any final hiring decisions.

---