This is a difficult question as I don't know what your IT department is doing. First of all you should do a bit of social engineering
to get a few more informations about the infrastructure. I think they will use a proxy server with url filtering capabilities. The normal way is to only allow the proxy access to the internet. There maybe isn't even a default route configured on there layer 3 switches to the perimeter firewall. You can try some proxy services like avoidr.com. But with a standard proxy with url filtering and blocking anonymizer you won't be able to get through. Some proxies are even able to do ssl inspection. In some countries they need to tell there employees that they do ssl inspection cause this is not allowed by the data privacy act. If they done right you can only access the Internet over tcp/80 (http) and tcp/443 (https) so ssh tunneling will not work at all. There are also appliances called next generation firewalls. they are able to explicitly block different file types. So you are maybe able to download a pdf but you are not able to download some exe files.
If you do remote support for clients then there must be an remote access application which is allowed to access the internet. Maybe you can use this to connect to your PC at home. There you can download everything. If the remote access software is able to do some kind of filetransfer (like teamviewer and such) you can later copy the file from your home pc to your work pc. This will be very slow but at least this might be a possiblity.
I forgot to mention that there might be a way to see if they are doing ssl inspection. As the appliance which is doing ssl inspection needs to do some kind of a man in the middle attack you will always get a certificate from the proxy/firewall.
Try to visit a https website and take a look at the certificate.
