Senior Network and Security Engineer

Job Summary

Key Responsibilities

• Network Architecture & Design: Lead network design initiatives for both on-prem and cloud environments, ensuring all implementations are scalable, resilient, and align with design specifications and industry best practices.
• Firewall & Security Management: Deploy, configure, and manage a multi-vendor firewall environment (FortiGate, Cisco ASA, Sophos, SonicWall). Lead the implementation and maintenance of Web Application Firewalls (FortiWeb/WAF).
• Cloud & Hybrid Connectivity: Architect and maintain secure, high-availability connectivity between our office/data center networks and multiple cloud providers (GCP, Azure, AWS) using IPsec Site-to-Site VPNs.
• Infrastructure & Migration Projects: Orchestrate and lead complex infrastructure projects, including data center hardware migrations and end-to-end on-premise to cloud migrations.
• LAN/WLAN Management: Configure, manage, and troubleshoot enterprise-grade wired and wireless networks, including Cisco Catalyst switches (9800 WLC, 3850), FortiSwitches, Aruba Controllers, and associated access points.
• Operational Excellence: Maintain and monitor network connectivity for hundreds of locations, ensuring maximum uptime for critical devices. Proactively identify performance bottlenecks and security vulnerabilities and implement enhancements.
• L2/L3 Support & Troubleshooting: Serve as a senior escalation point for complex network issues. Perform system upgrades, patching, and security configurations. Liaise with vendors like Cisco TAC for swift problem resolution.
• Documentation: Create and maintain comprehensive, detailed documentation for all network configurations, processes, and architectures.
  

Required Skills & Qualifications

• Experience: 5-8 years of hands-on experience in network engineering, with a strong focus on network security and cloud connectivity.
• Firewall Expertise: Expert-level proficiency with FortiGate firewalls, switches, and APs. Demonstrable experience with other firewall brands such as Cisco ASA, Sophos, and SonicWall. Experience with WAF solutions (e.g., FortiWeb) is highly desirable.
• Switching & Routing: Deep hands-on experience with Cisco Catalyst switches (Layer 2/Layer 3), including configuration, monitoring, and troubleshooting.
• Cloud Networking: Proven experience establishing and managing secure VPN tunnels to major cloud providers, especially Google Cloud (GCP) and Azure.
• Wireless Networking: Experience with enterprise wireless solutions, including Cisco WLC and/or Aruba Controllers and APs.