Job Specifications
Beem Credit Union: Banking for every journey
Beem is redefining what it means to be a credit union. With 80 years of cooperative history and a bold vision for the future, we’ve united to create a financial partner that offers both digital ease and people-first service.
Our mission is clear: financial wellness for all. We help British Columbians achieve their goals through personalized advice, innovative technology, and genuine human connection.
As one of BC’s largest credit unions, we serve over 200,000 members across 66 branches with $18 billion in assets under administration.
If you’re passionate about making a difference and want to join a team that values collaboration, innovation, and purpose, join us on the journey.
Learn more: www.beemcreditunion.ca
What this role is all about:
The Network Security Specialist will strengthen Beem’s security posture by designing, implementing, and operating secure network controls across cloud and hybrid environments. This role focuses on protecting critical services through strong network segmentation, secure connectivity, and consistent enforcement of Zero Trust principles.
They will be responsible for hands-on configuration and management of enterprise network security platforms, including firewalls, SASE components, WAF, and DDoS protections, with a strong emphasis on Azure-based networking. This includes translating architectural intent into enforceable rules, policies, and guardrails that hold up under real-world traffic and threat conditions.
As Network security specialist you will work closely members of cloud, infrastructure, and security team to help reduce attack surface by tightening ingress and egress controls, improving visibility into network flows, and supporting threat detection through high-fidelity telemetry. You will participate directly in incident response, root cause analysis, and security improvement initiatives tied to network-level events.
They will also contribute to Beem’s broader security maturity by documenting standards, supporting security architecture reviews, and aligning network security practices with regulatory and framework expectations. The objective is clear: build and operate network defenses that are practical, auditable, and resilient—without slowing the business down.
This role is open to hybrid working arrangements within British Columbia.
What you’ll do:
Design, configure, and deploy a Secure Access Service Edge (SASE) framework to provide secure, low-latency network access, integrating cloud security, secure web gateway (SWG) and other network security services.
Lead the implementation of Zero Trust principles, ensuring that all access requests (internal and external) to resources within on-prem and cloud environments are authenticated, authorized, and continuously validated.
Implement and manage DDoS Protection services (for e.g. Imperva, Akamai, Cloudflare, etc.) to safeguard cloud applications and services from distributed denial-of-service attacks. Regularly monitor, test, and optimize DDoS configurations for resilience and performance.
Configure and maintain cloud-based WAF solutions to protect applications from web-based threats. Regularly review WAF policies and rulesets to ensure security without impacting application performance.
Develop, implement, and enforce network security policies and standards to support secure connectivity across on-prem and cloud environments.
Collaborate with the security operations and IT teams to monitor and analyze network security alerts from network security services, ensuring rapid response and mitigation of security threats.
Work closely with IT teams to optimize network performance, ensuring secure and seamless connectivity while implementing network segmentation for enhanced security.
Stay updated on the latest developments in SASE, Zero Trust, and cloud security practices. Evaluate new technologies, perform proof-of-concept testing, and recommend tools to enhance cloud network security.
Maintain up-to-date documentation of network security configurations, and procedures.
Participate in on-call rotation to support security services.
What you'll bring:
Bachelor of Science in Computer Science, Information Security, or related discipline.
3–5 years of hands-on experience in network security, with a strong focus on cloud environments (Azure preferred).
Proven, practical experience designing, deploying, and operating SASE and Zero Trust network architectures in production environments.
Preferred hands-on experience with enterprise network and security platforms, including:
Fortinet (FortiGate, FortiManager, FortiAnalyzer)
Palo Alto Networks (NGFW, Panorama, cloud-delivered security)
Imperva or Cloudflare or Akamai (Cloud WAF)
Azure Firewall and Azure-native network security controls
Strong proficiency with Azure networking and security services, including NSGs, UDRs, Azure DNS, Private Endpoints, Service Endpoints, and routing design.
Preferred han
About the Company
Welcome to the credit union that’s been part of BC for decades. Where every step, in life or in business, big or small, matters. Where personalized service, online or in-person, helps you get where you want to go. Where community means more than just where you live, but what we value, together. We’re here for you and your financial well-being. For everyone in BC. For every journey.
Know more