Sr. Network Engineer

Overview

This position sits within our IT Infrastructure division, which handles the combined set of software, hardware, networks, and facilities used to develop, test, deliver, monitor, control, or support IT Services.

The Opportunity

We are seeking a highly skilled and experienced Senior Network Engineer to join our dynamic infrastructure team. This role is critical for designing, implementing, managing, and securing our complex network infrastructure across on-premises data centers and cloud environments, with a strong focus on Google Cloud Platform (GCP). The ideal candidate will possess deep technical expertise in routing, switching, security, cloud networking (especially GCP), and automation, ensuring the highest levels of network performance, reliability, and security. You will leverage your expertise in Cisco, Meraki, GCP, automation tools, and security platforms to support a large, sophisticated environment. This position is in-office with a regular on-call schedule

Responsibilities

What You’ll Be Doing

• Design, configure, manage, and troubleshoot complex network infrastructure including Cisco (ACI, ASA, NextGen FW, VPN, Switching & Routing) and Meraki (SD-WAN, Wireless) components.

   

• Architect, implement, and manage Google Cloud Platform (GCP) network infrastructure, including Partner Interconnect, Shared VPC, Internal/Regional/Global Load Balancing, Cloud Firewall, and Cloud Armor.

   

• Configure, support, and optimize network performance load balancing and security solutions using vendors such as F5 and Palo Alto Networks.

   

• Develop, implement, and maintain network automation solutions using Python and/or shell scripting, and Terraform for both data center hardware and cloud networking resources.

   

• Manage and support Software Defined Networking (SDN) environments, specifically including Cisco Application Centric Infrastructure (ACI).

   

• Oversee and troubleshoot core network protocols and services including TCP/IP, BGP, VPNs, LAN/WAN connectivity, and Network Access Control (NAC).

   

• Implement, manage, and monitor network security systems including firewalls, IDS/IPS, internet filtering, anti-virus, application security, secure email gateways, SIEM, and WAF.

   

• Conduct vulnerability testing, implement ongoing monitoring programs, and ensure adherence to compliance requirements (including federal environments).

   

• Support large network environments incorporating virtualization, wireless, and mobile technologies.

   

• Utilize network tracing and packet capture tools for advanced troubleshooting and analysis.

   

• Collaborate effectively with technical teams and communicate complex technical issues clearly to both technical and non-technical stakeholders.

   

• Support IT operational infrastructure, including business continuity planning and execution.

   

• Manage Active Directory integration points related to network services.

   

• Support environments utilizing Windows Server and Linux operating systems.

   

• Automate code deployment across multiple cloud providers (GCP preferred, AWS/Azure experience beneficial).

• This job description in no way implies that the duties listed here are the only ones that team members can be required to perform.

Qualifications

What You Bring to the Team

• Minimum of eight (8) years of experience in network and/or security administration.
• CCNP (Cisco Certified Network Professional) certification or demonstrated equivalent competency 
• Technical knowledge and experience equivalent to a two-year program in network engineering or a related field.
• Expert-level proficiency in configuring and managing Cisco and Meraki network components, specifically Meraki SD-WAN and Wireless.
• Strong, hands-on knowledge of Google Cloud Platform (GCP) networking: Partner Interconnect, Shared VPC, Internal/Regional/Global Load Balancing, Cloud Firewall, Cloud Armor.
• Solid understanding and practical experience with Software Defined Networking (SDN) concepts and execution.
• Knowledge of Cisco Application Centric Infrastructure (ACI).
• Deep understanding and ability to deploy/manage critical network services like DNS, DHCP, NTP, RADIUS, and TACACS .
• Significant experience automating network tasks using Python and/or shell scripting.
• Proven experience using Terraform for Infrastructure as Code (IaC) to manage both data center hardware AND cloud networking resources.
• Experience configuring and supporting network load balancers (e.g., F5) and security platforms (e.g., Palo Alto Networks).
• Demonstrated experience supporting large, complex network environments including virtualization, wireless, and mobile technologies.
• Proficiency with multiple core IT systems and protocols: TCP/IP, LAN/WAN, VPN, BGP, Active Directory, NAC, Windows Server, Linux.
• In-depth knowledge of network routing, firewalls, intrusion detection/prevention systems (IDS/IPS), internet filtering, anti-virus technology, application security, secure email gateways.
• Experience with SIEM, SD-WAN, Cisco ASA/NextGen Firewalls, Dell Switches, Web Application Firewalling (WAF), Data Center & Cloud Networking/Security paradigms, and Network Tracing/Packet Capture tools.
• Proven experience in vulnerability testing, planning/implementing ongoing monitoring programs, and knowledge of IT operational infrastructure including business continuity.
• Knowledge of requirements within federal compliant environments.
• Excellent problem-solving and troubleshooting skills.
• Excellent written and verbal communication skills, with the ability to discuss complex technical issues effectively with diverse audiences.

Preferred Qualifications:

• Cisco DevNet Professional Certification
• Google Cloud Platform Professional Cloud Network Engineer certification.
• Google Cloud Platform Professional Cloud Security Engineer certification.
• Experience with automation of code deployment across multiple cloud providers (AWS, Azure in addition to GCP).

Physical Demands and Work Environment:

• The physical activities of this position include frequent sitting, telephone communication, working on a computer for extended periods of time. Visual acuity is required to perform activities close to the eyes.
• This position is fully remote with only occasional travel to the office for team meetings, events and to the data centers to support/assist in projects/incident. Team members are expected to have an established workspace.
• Ability to work remotely in the United States or Canada.

E-Verify Statement

ConstructConnect utilizes the E-Verify program with every potential new hire. This makes it possible for us to make certain that every employee who works for ConstructConnect is eligible to work in the United States. To learn more about E-Verify you can call 1-800-255-7688 or visit their website. E-Verify® is a registered trademark of the United States Department of Homeland Security. 

Privacy Notice