Job Description

Permanent Full-time (St. John's) - ARCHITECTURE

Zone:

Digital Health

Location: 70 O'Leary Avenue

Technical Architect II

Digital Health - ARCHITECTURE

Permanent Full-time

Hours

70 (8 hours; Days)

Salary

HL-22 ($76,523-$99,480) Annual

Competition Number

VAC0014833

Posted Date

2025-10-06

Closing Date

2025-10-13

Demands, duties, qualifications

About the Role

We are currently seeking a Network Architect (Technical Architect II) to join our Enterprise Architecture team. Provide design leadership and governance for NL Health Services' provincial network and security architecture. Drive standardisation and progress towards a Zero Trust posture, ensuring robust integration across data centre, campus, WAN/SD WAN, wireless, and hybrid cloud connectivity.



This is a design and assurance role, not responsible for day-to-day operations, device administration, or on call.



Responsibilities include but are not limited to:


Produce High Level Designs (HLDs), data flow diagrams, and where warranted, LLDs for LAN/WAN/SD WAN, data centre (ACI), campus/wireless, secure remote access, and inter site connectivity. Define policy models for east west and north south traffic, micro segmentation (e.g., SGT/TrustSec), and NAC/802.1X posture. Author provincial networking standards, reference architectures, patterns, and guardrails; run design checkpoints and manage architecture decisions (ADRs) and exceptions. Provide design assurance for partner/SI deliverables (Cisco ACI, DNAC, ISE; Fortinet SD WAN; etc.). Ensure clean integration with BlueCat (DNS/DHCP/IPAM), QRadar (SIEM), identity (AD/Entra ID), certificate services, logging/telemetry, and hybrid cloud connectivity (e.g., private routing links, egress control). Translate complex design trade offs for executives and non technical stakeholders; review RFPs/SOWs; provide vendor oversight aligned to NLHS standards. Coach network/security engineers on patterns and guardrails to enable consistent delivery across the province.

About You

Your education and experience include:


Bachelor's Degree in Computer Science, Engineering, or Information Technology is required. 7+ years in network architecture for large multi site enterprises. Demonstrable experience with segmentation and NAC (802.1X), policy models, and designing for Zero Trust. Depth in Cisco networking, specifically ACI, DNAC, and ISE patterns and controls. Understanding of Fortinet SD WAN concepts and integration. Familiarity with firewalling in DC core/DMZ contexts (Cisco, Juniper, Palo Alto) Strong routing (BGP/OSPF), QoS, HA/DR design, and observability (NetFlow, syslog/telemetry) fundamentals. Proven architecture artefacts: HLDs, NFRs, ADRs, threat/risk assessments, with governance participation. Excellent stakeholder communication (executive to engineering), and vendor/SI design review skills. Certifications: CCNP (or equivalent experience); CCIE, Fortinet NSE7+, PCNSE, TOGAF, CISSP are assets, not requirements. Healthcare or regulated sector experience is an asset. (PHIA/PIPEDA awareness). Experience with hybrid cloud connectivity patterns is an asset. (e.g., private connectivity, hybrid DNS, egress). Tools & platforms you'll encounter + Cisco: ACI, DNAC, ISE; wireless, switching.
+ Fortinet: SD WAN as a managed service (integration focus).
+ BlueCat (DNS/DHCP/IPAM), QRadar (SIEM).
+ Common design/documentation tooling (e.g., Visio/Draw.io; SharePoint; Git backed ADRs).

Demonstrated equivalencies may be considered.