Senior Network Engineer

Job Summary
We are seeking a highly skilled Network Engineer to design, implement, and maintain a robust, large-scale, multi-site network infrastructure. This role demands expertise in LAN, WAN, MPLS, SD-WAN, and DMVPN technologies, with a strong focus on architecting high-availability network topologies and ensuring seamless connectivity across global sites. The ideal candidate will have hands-on experience with advanced routing protocols, data center interconnects, enterprise firewall systems, and cloud network integration. This position plays a critical role in driving network automation, security segmentation, and performance optimization aligned with modern zero-trust principles.

Key Responsibilities
- Design, deploy, and maintain complex network infrastructures spanning multiple sites, leveraging LAN, WAN, MPLS, SD-WAN, and DMVPN technologies to ensure reliable and scalable connectivity.
- Architect and implement high-availability network topologies using dynamic routing protocols such as BGP, OSPF, and EIGRP to optimize traffic flow and redundancy.
- Engineer Data Center Interconnects (DCI), VXLAN overlays, and spine-leaf architectures to support scalable and resilient data center environments.
- Manage and optimize global BGP peering arrangements and redundancy strategies with Internet Service Providers (ISPs) and cloud service providers to maintain uninterrupted service.
- Architect, deploy, and manage enterprise-grade firewall systems, including Palo Alto, Fortinet, Cisco ASA/Firepower, and Check Point, ensuring robust perimeter and internal security.
- Implement next-generation firewall features such as App-ID, Threat Prevention, URL Filtering, IPS/IDS, and User-ID integration to enhance threat detection and mitigation.
- Lead network segmentation and micro-segmentation initiatives in alignment with zero-trust security frameworks to minimize attack surfaces.
- Configure and manage site-to-site and client VPNs using IKEv2/IPSec and SSL protocols, including integration with third-party VPN solutions.
- Integrate on-premises networks with cloud platforms (AWS, Azure, GCP) through VPC peering, Transit Gateway, ExpressRoute, and Direct Connect to enable hybrid cloud connectivity.
- Deploy and manage cloud-native firewalls, route tables, NAT gateways, and hybrid connectivity solutions to support secure cloud operations.
- Collaborate closely with DevOps teams to implement Infrastructure as Code (IaC) practices using Terraform and Ansible for network automation and consistency.
- Develop and maintain comprehensive network documentation, including topology diagrams and operational runbooks, to support ongoing maintenance and troubleshooting.
- Implement network observability and monitoring using tools such as NetFlow, SNMP, Syslog, and packet capture platforms to proactively identify issues.
- Automate network configuration and change management processes using Python scripting, Ansible playbooks, and RESTful APIs to improve efficiency and reduce errors.
- Proactively identify and resolve network performance bottlenecks, failure points, and security vulnerabilities to maintain optimal network health and security posture.

Required Qualifications
- Proven experience designing and managing large-scale, multi-site network infrastructures with LAN, WAN, MPLS, SD-WAN, and DMVPN technologies.
- Strong expertise in dynamic routing protocols including BGP, OSPF, and EIGRP.
- Hands-on experience with data center networking concepts such as DCI, VXLAN overlays, and spine-leaf architectures.
- Extensive knowledge of enterprise firewall platforms including Palo Alto, Fortinet, Cisco ASA/Firepower, and Check Point.
- Experience implementing next-generation firewall capabilities and zero-trust network segmentation.
- Proficiency in VPN technologies (IKEv2/IPSec, SSL) and cloud network integration (AWS, Azure, GCP).
- Familiarity with Infrastructure as Code tools such as Terraform and Ansible for network automation.
- Strong scripting skills in Python and experience with RESTful APIs for automation and orchestration.
- Ability to develop detailed network documentation and perform network monitoring and troubleshooting using industry-standard tools.

Preferred Qualifications and Benefits
While not explicitly stated, candidates with certifications such as CCNP, CCIE, Palo Alto PCNSE, or equivalent will be highly regarded. Experience working in a DevOps environment and familiarity with hybrid cloud architectures are advantageous. The role offers the opportunity to work on cutting-edge network technologies and collaborate with cross-functional teams in a dynamic, growth-oriented environment.

---

This position is ideal for a proactive network professional passionate about designing secure, scalable, and automated network infrastructures that support global enterprise operations.