Senior Network Engineer

Description:

Experience: 7+ years in complex enterprise network environments. Expert-level knowledge of Cisco (Nexus, Catalyst, ASA/Firepower), Palo Alto, Fortinet, or equivalent. Deep understanding of TCP/IP, BGP, OSPF, VRFs, VLANs, NAT/PAT, and multicast. Hands-on experience with VPN technologies (IPSec, SSL, DMVPN), QoS, and traffic shaping.

Education: Bachelor’s degree in Computer Engineering, IT, or related field (or equivalent experience). Certifications: CCNP/CCIE, PCNSE, NSE 7, JNCIP/IE, AWS Advanced Networking, or Azure Network Engineer Associate. Experience with Zero Trust Architecture (ZTA) implementation. Familiarity with SASE, ZTNA, CASB, and cloud security posture management tools. Python scripting, YAML/JSON for automation pipelines. Experience supporting compliance-driven environments (e.g., PCI-DSS, HIPAA, NIST, FedRAMP).

Key Responsibilities:

- Network Architecture & Engineering Design, implement, and maintain large-scale, multi-site network infrastructure (LAN/WAN/MPLS/SD-WAN/DMVPN).

- Architect high-availability network topologies with dynamic routing protocols (BGP, OSPF, EIGRP).

- Engineer Data Center Interconnects (DCI), VXLAN overlays, and spine-leaf architectures.

- Manage and optimize global BGP peering and redundancy strategies with ISPs and cloud providers.

- Firewall & Security Infrastructure Architect and manage enterprise-class firewall systems (Palo Alto, Fortinet, Cisco ASA/Firepower, Check Point).

- Implement and maintain next-gen features: App-ID, Threat Prevention, URL Filtering, IPS/IDS, User-ID integration.

- Lead segmentation and micro segmentation efforts in alignment with zero-trust security models.

- Manage site-to-site and client VPNs with IKEv2/IPSec and SSL configurations, including third-party integrations.

- Cloud & Hybrid Networking Integrate on-prem networks with cloud platforms (AWS, Azure, GCP) including VPC peering, Transit Gateway, and ExpressRoute/Direct Connect.

- Deploy and manage cloud-native firewalls, route tables, NAT gateways, and hybrid connectivity solutions.

- Collaborate with DevOps on IaC (Infrastructure as Code) for network automation (Terraform, Ansible). Monitoring, Automation & Optimization Develop and maintain detailed network documentation, topology diagrams, and runbooks.

- Implement network observability using tools like NetFlow, SNMP, Syslog, and packet capture platforms.

- Automate network configuration and change management using Python, Ansible, or RESTful APIs.

- Proactively identify performance bottlenecks, failure points, and security gaps.