Senior Network Engineer (Data Center Switch Design SME Position)

Job Title:

Location:

Job Overview

Senior Network Engineer

Required Qualifications (Non-Negotiable Minimums)

• At least 15 Years of experience as a Senior Network Engineer with extensive focus in Data Center Switching, Routing (BGP + OSPF), Multi-Fabric, VxLAN, and Microsegmentation design, implementation, and migrations
• Subject Matter Expert in HPE Aruba Switching platforms (all models), ClearPass, AFC (Aruba Fabric Composer), PSM (Pensando Policy Services Manager), Palo Alto NGFW, VMware, SAN, HCI, CA / PKI, Scripting Automation
• Proficiency across each of the following technology standards: EVPN, VxLAN, VNI, VTEP, VRF, MC-LAG, BGP, iBGP, eBGP, OSPF, EIGRP, STP, HSRP, VRRP, IGMP, ECMP, PVLAN, LACP, VSF, VSX, ACL, VPN, DNS, 802.1x
• Associate, Bachelor, or Master Degree in Information Technology, Information Systems, MIS, Computer Science, Networking, Cybersecurity, or a related field (or commensurate levels of experience over the past 15+ Years)
• Ability to work in a fast-paced team environment with a focus on learning and growth while upholding strong problem-solving skills, precise attention to detail, and a proactive approach amongst ongoing team collaboration
• Excellent communication skills (both verbal and written), willingness to learn new technologies + OEM solutions and participate in on-the-job training while continuing to strive for advancement to attain new IT Certifications

Summary of Responsibilities

• Design, plan, and implement scalable and robust network infrastructure to include configuration of: Data Center Networks, Switches, Routers, Firewalls & other related IT Infrastructure components across LAN / WAN / WLAN
• Provide Architect level expertise in the consulting, analysis, documentation, and setup of Enterprise Networks
• Perform routine advanced troubleshooting, monitoring and automation to resolve issues while isolating root cause
• Support network security initiatives, including device setup, IDS/IPS, and implementing security best practices
• Assist with MSP (Managed Service Provider) and MSSP (Managed Security Service Provider) efforts while helping to support client networks on a shift schedule basis (which could potentially include Off Hours work)
• Generate, review, and maintain and complex network documentation and diagrams, topologies, flow charts, etc.
• Collaborate with senior network and security engineers while deploying solutions and upgrading existing systems
• Work on a large portfolio of OEM solutions, gaining experience with leading technologies from various vendors

Detailed Responsibilities

• Architecture & Strategy
• Lead design and/or implement end-to-end Data Center Network Architecture (Fabric, DCI, Edge) projects within up to multiple simultaneous diverse workstreams across unique customer environments
• Define reference designs (Leaf-Spine, EVPN, VxLAN, MPLS) and patterns for new landscape builds
• Establish SLOs / SLAs, HA resilience targets (N+1, 2N), and capacity scalability policy frameworks
• Design & Implementation
• Produce HLD/LLD, IPAM/ASN plans, routing policy, QoS/queuing, and multicast strategy
• Lead greenfield builds, migrations, and brownfield designs with Zero or low-downtime MOP’s / SOP’s
• Engineer DCI (EVPN, VxLAN, L2/L3VPN, eBGP / iBGP, OSPF), load balancing, and service-chaining
• Operations, Reliability & Incident Management
• Own production reliability: detection, triage, escalation, on-call rotation, and post-incident RCAs
• Define and enforce change management (CAB, maintenance windows, rollback plans)
• Build drill/chaos exercises for failure domains (ECMP path loss, fabric partition, TCAM exhaustion)
• Automation & Tooling
• Drive “network as code”: source-controlled configs, code reviews, CI/CD pipelines
• Implement intent-based automation (Ansible / Python / Terraform, Vendor APIs, gNMI / Netconf / YANG)
• Stand up golden-config generation, compliance drift detection, and auto-remediation
• Monitoring, Telemetry & Performance
• Design observability: streaming telemetry, SNMP, NetFlow/IPFIX, sFlow, path-loss and jitter tests
• Create SLI dashboards and alerting (latency, loss, jitter, convergence, optic health)
• Capacity planning & forecasting (links, prefixes, MAC scale, buffers/TCAM, optics power budget)
• Security & Compliance
• Own Switch access controls (VRF, SGT/TrustSec, Microsegmentation/ACLs), Firewall architecture
• Enforce ZTNA principles for East-West and North-South Traffic
• Deliver audit-ready controls (SOC 2, PCI, HIPAA), Key/Certificate lifecycle, and config attestations
• Hybrid Cloud & Virtual Networking
• Integrate DC fabrics with public cloud (transit, direct connects, EVPN overlays)
• Support virtualization/container platforms (VMware NSX-T, Docker, KVM, Kubernetes CNI, service mesh ingress/egress)
• Optimize traffic for modern workloads (GPU clusters/HPC, storage replication, backup windows)
• Lifecycle & Vendor Management
• Evaluate/standardize platforms (spines/leaves, DC gateways, firewalls, LBs, optical)
• Manage hardware/software lifecycles, EOS/EOL/EOS-SW, and sparing strategy
• Lead RFPs, PoCs, TCO analysis, and vendor escalations
• Documentation & Knowledge
• Maintain living HLD/LLD, topology diagrams, runbooks, and accurate asset inventories/DCIM
• Mentor engineers, run design reviews, and deliver training sessions
• Test/Dev Lap Builds
• Spearhead new Test / Development Lab leveraging virtualized simulation platforms such as EVE-NG and/or others in order to replicate live production environments for project and/or training initiatives
• Maintain up to date Test/Dev Lab landscapes while making ongoing recommendations for any new IT Infrastructure components required in order to stay ahead of software code versions and patches
• Cross-Functional Leadership
• Collaborate with SRE/Platform/Storage/Security/Facilities on power/cooling, rack layouts, and cabling
• Translate business goals into network requirements and deliverables; communicate clearly to execs

Deliverable Types Expected

• HLDD (High-Level Design Document) / LLDD (Low-Level Design Document)
• As-Built Documents
• Network Diagram Topologies, Traffic Flow Charts & IPAM Schemas
• Rack Elevation Diagrams
• Standardized Golden Configs / Modules
• Automation Playbooks & Runbooks / MOP’s / SOP’s
• BCDR Test Plans
• RCA (Root Cause Analysis)
• LoE (Level of Effort) or RoM (Rough Order of Magnitude)
• Order of Operations Workflows
• Executive Summaries

Success Metrics / KPIs

• Fabric availability and SLO attainment; MTTR/MTBF trends.
• Change success rate and failed-change reductions.
• Capacity accuracy (forecast vs. actual), cost/TCO savings, power/port utilization.
• Security posture (policy coverage, micro-seg adoption, audit findings).
• Automation coverage (percentage of managed devices/configs via IaC).
• Time-to-deliver for builds/migrations; backlog burn-down.
• Mentorship impact and incident frequency/severity reduction.

Desired IT Certifications

While not mandatory, preference will be given to candidates holding IT Certifications with priority in the following order:

HPE Aruba Certifications – (“HPE Aruba Networking Certified”)

• Network Architect – Campus Access
• Network Architect – Data Center
• Expert – Switching
• Expert – Campus Access Switching
• Expert – Network Security
• Professional – Network Security
• Professional – Data Center
• Professional – Campus Access
• Product Certified – CX-10000
• Product Certified – ClearPass

Additional Certifications

• Any Virtualization or Server Certs such as: (VMware, HPE, Microsoft, etc.)
• Any DevOps or Automation Certs such as: (AWS Certified DevOps Engineer, Microsoft Certified: DevOps Engineer Expert, Certified Kubernetes Administrator, Docker Certified Associate)
• Any Cloud OEM Provider Certs such as: (AWS, Azure, GCP, OCI, etc.)
• Following Additional OEM’s: (Palo Alto, Microsoft, HPE Aruba, VMware, F5, Juniper)

Cisco Certifications

• CCNP Enterprise
• CCNP Service Provider
• CCNP Data Center
• CCNP Automation
• CCNP Cybersecurity
• CCNP Security
• CCIE (within same above tracks)

Environment

• Fast-paced entrepreneurial environment with a rapidly and exponentially growing tech company
• Opportunities will be there for professional development and IT Certification financial/cost reimbursement
• Collaborative and innovative team focused environment with top-tier engineers from many different countries
• Access to advanced toolsets, platforms, training and a large portfolio of OEM solutions to work on and learn
• Extensive Enterprise IT Professional + Managed Services portfolio and authorizations across top-tier OEM’s

people as its best asset

Our culture is based on these core values:

1.

2.

3.

4.

5.

October 20, 2025

Dear Candidates,

We appreciate your interest in applying for this open position with JMXi. With expertise across all facets of Enterprise IT Infrastructure, the JMXi Team provide specialized focus with Subject Matter Experts across the following divisions: Multi-Cloud, Network/Digital Transformation, SD-WAN, Firewall, NAC, LAN, Wireless LAN, RF, DAS, Private 5G, Route/Switch, Cybersecurity, CA/PKI, PIM/PAM, IdP, SSO, XDR/MDR, Unified Endpoint Management, MDM, Server/Systems, Virtualization, VDI/DaaS, SAN, CMMC, FedRAMP, Security Compliance Pre-Audits, and much more. Our ability to seamlessly integrate Networking, Security, and Enterprise IT stacks across Global locations makes us a strong partner for your next-generation IT service model.

Here are some of the key areas where JMXi provides value as a Professional Services and MSP/MSSP Partner:

1.

JMXi will be the MSP transition of choice for Gibraltar by delivering a seamless onboarding experience backed by proven expertise in network and IT managed services. Our dedicated team and strategic approach position JMXi as a trusted long-term partner committed to operational efficiency and innovation. JMXi adheres to strict SLA commitments that guarantee efficient response & resolution times for incidents.

2.

JMXi’s exponentially growth has allowed us to focus our SME’s across the following separate Teams: Firewall, Cybersecurity, SD-WAN, Multi-Cloud, Network, Server, SAN, IAM, Wireless, DAS, and more. This has allowed us to further strengthen the experience each of our Engineers continue to gain on a daily basis while driving projects across the industry leading OEM’s within each of these Towers.

3.

JMXi’s Palo Alto Firewall Certified Network Security Engineers maintain deep expertise across the Palo Alto Next-Generation Firewall stack along with all other solutions that Palo provides. Our SME’s have decades of combines experience with Firewall migrations, design, troubleshooting, management & more. Firewalls are some of the most critical assets any company has to enforce cyber defense mechanisms while protecting sensitive data and ultimately their overall brand.

4.

JMXi is a top-tier MSP transition choice for Cato per the enclosed proposal to deliver a robust service backed by proven expertise in ITSM and ITIL principles. Our dedicated team and strategic approach position JMXi as a trusted long-term partner committed to operational efficiency and innovation. JMXi adheres to rigorous SLA commitments that ensure minimum production downtime, proactive monitoring, and rapid incident response.

5.

JMXi provides services to manage all end-to-end components of any Enterprise IT Infrastructure landscape allowing our customers to focus on their daily revenue generating operations so they can do what they do best. We can help any size organization avoid the cumbersome process of having to maintain costly IT resources and keep them trained up on perpetually changing technologies and rapidly evolving cybersecurity threats.

At JMXi, we strive to deliver an exceptional working environment for all. We are excited to continue attracting the best of the best in terms of Global Engineering resources. If you feel that this is a good fit, then please reach out to us so that we can schedule a call to hear more about your experience and qualifications. Thank you once again for your consideration.