Position Overview:

We’re looking for a highly experienced Senior Network Engineer with deep expertise in enterprise network architecture, firewall and perimeter defense, and advanced routing. This role is responsible for the design, implementation, and optimization of scalable, secure, and highly available networks supporting global operations, cloud integrations, and mission-critical applications.

You’ll play a strategic role in evolving our network security posture, deploying next-gen technologies, and contributing to infrastructure automation and zero-trust initiatives.

Key Responsibilities:

Network Architecture & Engineering

• Design, implement, and maintain large-scale, multi-site network infrastructure (LAN/WAN/MPLS/SD-WAN/DMVPN).
• Architect high-availability network topologies with dynamic routing protocols (BGP, OSPF, EIGRP).
• Engineer Data Center Interconnects (DCI), VXLAN overlays, and spine-leaf architectures.
• Manage and optimize global BGP peering and redundancy strategies with ISPs and cloud providers.

Firewall & Security Infrastructure

• Architect and manage enterprise-class firewall systems (Palo Alto, Fortinet, Cisco ASA/Firepower, Check Point).
• Implement and maintain next-gen features: App-ID, Threat Prevention, URL Filtering, IPS/IDS, User-ID integration.
• Lead segmentation and micro segmentation efforts in alignment with zero-trust security models.
• Manage site-to-site and client VPNs with IKEv2/IPSec and SSL configurations, including third-party integrations.

Cloud & Hybrid Networking

• Integrate on-prem networks with cloud platforms (AWS, Azure, GCP) including VPC peering, Transit Gateway, and ExpressRoute/Direct Connect.
• Deploy and manage cloud-native firewalls, route tables, NAT gateways, and hybrid connectivity solutions.
• Collaborate with DevOps on IaC (Infrastructure as Code) for network automation (Terraform, Ansible).

Monitoring, Automation & Optimization

• Develop and maintain detailed network documentation, topology diagrams, and runbooks.
• Implement network observability using tools like NetFlow, SNMP, Syslog, and packet capture platforms.
• Automate network configuration and change management using Python, Ansible, or RESTful APIs.
• Proactively identify performance bottlenecks, failure points, and security gaps.

Required Qualifications:

• Bachelor’s degree in Computer Engineering, IT, or related field (or equivalent experience).
• 7+ years in complex enterprise network environments.
• Expert-level knowledge of Cisco (Nexus, Catalyst, ASA/Firepower), Palo Alto, Fortinet, or equivalent.
• Deep understanding of TCP/IP, BGP, OSPF, VRFs, VLANs, NAT/PAT, and multicast.
• Hands-on experience with VPN technologies (IPSec, SSL, DMVPN), QoS, and traffic shaping.

Preferred Certifications & Skills:

• Certifications: CCNP/CCIE, PCNSE, NSE 7, JNCIP/IE, AWS Advanced Networking, or Azure Network Engineer Associate.
• Experience with Zero Trust Architecture (ZTA) implementation.
• Familiarity with SASE, ZTNA, CASB, and cloud security posture management tools.
• Python scripting, YAML/JSON for automation pipelines.
• Experience supporting compliance-driven environments (e.g., PCI-DSS, HIPAA, NIST, FedRAMP).

Job Type: Full-time

Experience:

• LAN/WAN/MPLS/SD-WAN/DMVPN: 5 years (Required)
• Palo Alto, Fortinet, Cisco ASA/Firepower, Check Point: 5 years (Required)
• AWS, Azure, GCP: 5 years (Required)
• network documentation, topology diagrams, and runbooks.: 5 years (Required)
• • Python scripting, YAML/JSON for automation pipelines: 5 years (Preferred)
• complex enterprise network environments: 7 years (Required)

License/Certification:

• CCNP/CCIE (Required)
• PCNSE (Required)
• NSE 7 (Required)
• JNCIP/IE (Required)
• Azure Network Engineer Associate (Required)

Work Location: In person