Network Architect

Project Info:

The Emergency Health Program Management & Delivery Branch (EHPMDB) supports life-critical services such as ambulance dispatch functions across Ontario. Under the Ambulance Act, the Minister has the duty and power to establish, maintain, and operate (alone or in cooperation with others) communication services used in dispatching ambulances and to fund such services.

The Emergency Health I & IT Solutions & Technology Management Branch (EHSTMB) of the Health Services I&IT Cluster (HSC) supports these services through the acquisition, delivery, support, and maintenance of related dispatch technologies, IT, and telecommunications used within the Ambulance Communication Centres (ACCs) across the province and in the Branch’s Head Office operations. These critical applications and technologies are used by the Ministry to support 24x7 mission-critical 911 call-taking and ambulance dispatch functions across the province, and include:

- Computer-Aided Dispatch (CAD) application and tools

- Telecommunication equipment and systems (i.e., Communication Console Systems and FleetNet)

- Technologies that digitally connect Land Ambulance Dispatch with other partners in first response and the health system (i.e., Real-Time Data Service and Mobile CAD)

- Reporting Applications and Tools

- Business Support Applications (i.e., Paramedic Certification, Inspections)

To increase data/network availability and performance, and to improve security and monitoring, a new set of networks which SD-WAN (Wide Area Network) and LAN (Local Area Network) needs to be implemented. This is also a requirement for the Telephony replacement project. Extensive architectural and design work with the understanding of the new SD-WAN technology is required to plan for deployment across all Central Ambulance Communication Centres (CACCs). Multiple sets of solutions need to be procured and integrated such as identity and director services, domain name system, Tools POD, firewalls, etc. Initial design and architecture are significant to ensure proper integration between solutions. The Senior Technology Architect will be responsible for planning, designing, and building the architecture of the network and associated supporting solutions.

Note: Candidates who will be evaluated are required to do a technical test before the interview process within 48 hours (Candidates who will pass the benchmark will be called for an interview). There will be no resending and extension of the technical test; candidates need to do it within the specified period of time.

Must have:

• 10 years Cisco 9K, SD-WAN (Viptela) configuration, migration, strong troubleshooting experience

• Palo Alto Firewalls, Panorama, installation, configuration, daily operation

• Expert level IP routing and L2 in datacenter using Cisco 9K switches

Description:

• Work in collaboration with Network Designer to roll out Next Generation LAN and WAN to MOH PSAP locations:

• Produce SD-WAN design and configuration (policy, template development)

• Produce high-level and low-level network design (design workbooks)

• Configure switches, routers, firewalls as per the network design

• Configure dynamic routing protocols (BGP/OSPF) on both SD-WAN and Firewall devices

• Perform physical Install of SD-WAN routers, LAN Switches, HA Firewalls

• Develop and apply a plan for HVAC, Power, UPS, Generator, and associate equipment remediation work

• Develop and apply Firewall policies

• Develop Centralized and Localized policies for traffic and App-Aware routing

• Test configurations and troubleshoot network issues

• Develop and Implement QoS policies for the Next Gen LAN and WAN

• Deploy configurations in network inventory DB

• Work with facility SME/Cable Designer to assist with facility remediation

• Develop and Configure Palo Alto Cloud logging

• Maintain and support the network environment during the Pilot phase of the project

• Assist in configuration management automation initiative using ansible and other tools

• Install Configure Aruba Clear Pass as Identity management solution

• Install and configure OOB management Firewalls across PSAP locations

• Perform other project-related duties as required

Evaluation Criteria:

Core Skills - 50%

• Cisco 9K, SD-WAN (Viptela) configuration, migration, strong troubleshooting experience

• Palo Alto Firewalls, Panorama, installation, configuration, daily operation

• VMware, strong knowledge of networking operation

• Nutanix networking experience

• Expert level IP routing and L2 in datacenter using Cisco 9K switches

• Strong VoIP experience, implementing QoS for enterprise voice

• Fluent with both Windows and Unix OS Administration

• IPv6 experience

• OS/Tools Skills

• Configuration management of networking devices using automation tools (Jenkins/Ansible) and API scripting: Docker Containers, ELK/Elastiflow Stacks, Windows Active Directory, LDAP, DNS (Infoblox or similar)

Technical Skills - 30%

• IPv6 experience

• Strong knowledge IP communication and routing is required (OSPF, BGP)

• Aruba ClearPass Policy Manager implementation/configuration experience

• Netbox/Infoblox IP Management

• Knowledge and experience with Palo Alto technologies (Panorama, XDR)

• Experience with projects related to 24x7 critical environments and operations

Communication/Analytical Skills - 20%

• Ability to work in an agile dynamic environment

• Experience working in an Agile project management methodology

• Strong interpersonal, written, and oral communication skills with the ability to work well in a collaborative environment

• Able to conduct research into networking issues and products as required

• Highly self-motivated and directed, with keen attention to detail

• Able to effectively prioritize tasks in a high-pressure environment

• Strong customer service orientation with proven analytical and problem-solving abilities

• Related degree in computer science or electrical engineering and/or seven to ten years equivalent network engineering experience.