Network Consultant VPN

Position Description:

Missions
We are seeking a Cloud Network Consultant (AWS) to lead the design implementation governance and security of enterprise-grade cloud networking solutions. This role requires deep technical expertise in Cisco routing AWS networking and security services Skyhigh Proxy and automation with Terraform combined with strong leadership to enforce robust security controls and drive strategic initiatives.
You will leverage strong Cisco routing/switching and security skills to oversee topics related to Cisco routing AWS network services (including firewall solutions) AWS CDN and AWS Front Door. You will also secure web access by administering Squid and Skyhigh Secure Web Gateway/Proxy manage allow/deny lists and oversee operational lifecycle tasks such as TLS certificate renewals and AMI/image upgrades for network and security appliances.
You will contribute to infrastructure automation using Terraform and drive resilient observable and compliant operations. Additionally you will implement monitoring and alerting frameworks and enforce cloud policy and governance for compliance.
Profile
Mandatory Skills
Squid Proxy
AWS Front Door
CDN
AWS Firewall
Terraform (Infrastructure as Code)
Cisco routing and switching
Secondary Skills
Network security knowledge
WAF
Squid Proxy
Fortinet
CheckPoint
Key Responsibilities
Strategic Leadership & Governance
Define and own the cloud network architecture roadmap aligned with business objectives.
Establish network security governance compliance frameworks and enforce zero-trust principles.
Lead cloud networking strategy across hybrid environments ensuring scalability resilience and cost optimization.
Act as a trusted advisor for network security best practices risk assessments and audit readiness.
Technical Design & Implementation
Architect and oversee Cisco routing (BGP OSPF MPLS VPNs) for hybrid connectivity.
Collaborate with cloud architects security and DevOps teams to ensure secure and scalable network designs.
Design and implement AWS Firewall AWS Front Door (with WAF) and AWS CDN for secure and optimized traffic delivery.
Design cloud and hybrid network topologies (hub-and-spoke/vWAN) IP addressing route tables and peering aligned to zero-trust principles.
Design implement and support hybrid/cloud network architectures with Cisco routing (BGP OSPF route redistribution ECMP VRFs).
Define ingress/egress patterns with AWS Firewall and route control; standardize segmentation and inspection points.
Build and maintain AWS networking components: VPC subnets route tables Private Links load balancers and hybrid connectivity (e.g. SD-WAN).
Architect AWS Front Door for global load balancing routing strategies health probes and domain management.
Align CDN caching strategies (TTL compression rules engine) with application requirements.
Design and implement application delivery services (traffic manager load balancers etc.).
Implement AWS Application Gateway configurations (TLS HTTP settings rewrite rules).
Troubleshoot connectivity routing and latency issues across cloud data center and hybrid environments.
Analyze L3L7 issues using packet capture logs and monitoring tools.
Manage DNS zones private endpoints and network peering.
Establish secure internet access via Squid and Skyhigh Proxy (SSL inspection policies PAC files).
Implement domain/IP/application allowlisting and blocklisting strategies.
Oversee certificate lifecycle management (issuance renewal rotation automation).
Govern AMI upgrades patching cycles and image hardening standards.
Automation & Infrastructure as Code
Drive Terraform adoption for provisioning policy-as-code and compliance enforcement.
Implement CI/CD pipelines for network and security automation.
Automate certificate renewals AMI pipelines and proxy policy updates.
Security Controls & Compliance
Enforce network segmentation least-privilege access and a deny-by-default approach.
Implement WAF/IDPS threat intelligence filtering and DDoS protection strategies.
Maintain documentation (runbooks diagrams inventories) and provide L3 support and knowledge transfer.
Ensure compliance with standards such as ISO 27001 SOC 2 GDPR and PCI-DSS.
Monitoring & Incident Response
Define observability strategies and traffic analytics.
Lead troubleshooting for complex L3/L7 issues across hybrid and multi-cloud environments.
Establish incident response procedures and conduct regular testing exercises.

CGI provides a reasonable estimate of the salary range for this position. The calculation of this range depends on various factors including skill level geographic market experience education as well as professional licenses and certifications. Compensation decisions are based on the specifics of each case. A reasonable estimate for this salary range is between $60000 and $115000. This position is currently open.

#LI-AM1

Bilingualism (French and English) is required for this position due to the nature of the role requiring interaction with national and global clients.

Skills:

• French
• Checkpoint
• Infrastructure as a Code
• Network Security
• Terraform

What you can expect from us:

Together as owners lets turn meaningful insights into action.

Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because

You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.

Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.

Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

At CGI we value the strength that diversity brings and are committed to fostering a workplace where everyone belongs. We collaborate with our clients to build more inclusive communities and empower all CGI partners to thrive. As an equal-opportunity employer being able to perform your best during the recruitment process is important to us. If you require an accommodation please inform your recruiter.

To learn more about accessibility at CGI contact us via email. Please note that this email is strictly for accessibility requests and cannot be used for application status inquiries.

Come join our teamone of the largest IT and business consulting services firms in the world.