Senior Network Engineer

Job Summary:

We are seeking a highly skilled Senior Network Engineer to design, implement, manage, and optimize our large-scale, complex network infrastructure spanning 350 locations. This role involves managing MPLS, Dedicated Internet Access (DIA), point-to-point circuits (P2P), Cloud Connects, AWS Direct Connect, and Azure ExpressRoute, along with implementing IPSec VPN, advanced routing (BGP, EIGRP), security policies (NAT, ACLs, route maps), and network automation. The ideal candidate will also be responsible for proactive network monitoring, performance analysis, and security visibility using tools like SNMP-based monitoring, ExtraHop, and other network analytics platforms to ensure optimal uptime, security, and efficiency.

Key Responsibilities:

1. Architect, deploy, and optimize a scalable, highly available, and secure enterprise network across 350 locations.

2. Design and maintain MPLS, DIA, P2P circuits, AWS Direct Connect, and Azure ExpressRoute to ensure high-performance connectivity.

3. Engineer and support IPSec VPN tunnels for secure remote access and inter-site connectivity.

4. Implement advanced routing policies using BGP, EIGRP, OSPF, static routes, prefix lists, ACLs, and route maps.

5. Design and maintain enterprise wireless solutions including Cisco WLCs and Access Points.

6. Administer and maintain Cisco routers (ISR, ASR) and switches (Catalyst, Nexus).

7. Manage Infoblox DDI (DNS, DHCP, IPAM) for resilient name resolution.

8. Configure and maintain Cisco ISE for network access control and authentication policies.

9. Oversee network performance monitoring, SNMP-based alerting, and traffic analysis.

10. Utilize ExtraHop and other deep packet inspection (DPI) tools for real-time traffic visibility and network security monitoring.

11. Troubleshoot network issues, latency, packet loss, and performance bottlenecks across WAN, LAN, and cloud interconnects.

12. Enforce AAA, TACACS , RADIUS, and 802.1X authentication policies.

13. Develop and enforce firewall policies, NAT configurations, and access control lists (ACLs).

14. Ensure compliance with ISO 27001, NIST, PCI-DSS, and other industry security frameworks.

15. Work with Security Operations (SOC) teams to mitigate threats, monitor anomalies, and secure network boundaries.

16. Deploy and maintain SNMP-based monitoring solutions (SolarWinds, PRTG, Thousand Eyes, Cisco DNA Center, etc.).

17. Implement ExtraHop for deep packet analysis, application monitoring, and network anomaly detection.

18. Automate network tasks using Python, Ansible, Terraform, or equivalent.

19. Optimize QoS policies, WAN acceleration, and traffic engineering techniques to enhance application performance.

20. Perform capacity planning and proactive performance analysis to optimize network usage and prevent congestion.

21. Design, deploy, and manage hybrid cloud network architectures in AWS and Azure.

22. Implement AWS Direct Connect and Azure ExpressRoute for high-speed cloud connectivity.

23. Optimize cloud networks, VPN peering, and virtual network gateways.

24. Maintain up-to-date network documentation, topology diagrams, and runbooks.

25. Collaborate with IT, Security, and Infrastructure teams to align network initiatives with business objectives.

26. Provide technical mentorship to junior network engineers and cross-functional teams.

Qualifications:

8-10 years of hands-on experience in network engineering, architecture, and operations.

Strong expertise in MPLS, DIA, P2P circuits, AWS Direct Connect, and Azure ExpressRoute.

Deep knowledge of routing protocols (BGP, EIGRP, OSPF), IPSec VPN, NAT, ACLs, route maps.

Extensive experience with Cisco routers (ISR, ASR) and switches (Catalyst, Nexus).

Proficiency in network monitoring and SNMP-based solutions (SolarWinds, PRTG, ThousandEyes, Cisco DNA Center, etc.).

Hands-on experience with ExtraHop for deep packet inspection and traffic analytics.

Experience with Infoblox (DNS, DHCP, IPAM) and Cisco ISE (802.1X, NAC, authentication).

Strong knowledge of wireless networking (Cisco WLCs, Access Points, RF design, and security policies).

Scripting and network automation experience (Python, Ansible, Terraform, or equivalent tools).

Ability to analyze packet captures, NetFlow, SNMP logs, and real-time network telemetry.

Preferred Certifications:

Cisco CCNP / CCIE (Enterprise, Security, or Service Provider)

AWS Advanced Networking Specialty

Microsoft Certified: Azure Network Engineer Associate

ExtraHop Certified Professional (ECP)

Infoblox Core DDI Certification