Senior Network Engineer - $230,000+ - CA, NYC, DC

Location: Onsite
Travel: Up to 10% for site-specific work (upgrades, maintenance, turn-ups, etc.)
Team: Technology Services - Network Engineering
Employment Type: Full-Time

Overview



We are seeking an experienced and highly skilled Senior Network Engineer to join our technical team. This role is ideal for a seasoned professional who thrives in a hands-on environment, implementing, maintaining, and optimizing modern network infrastructure.

You will be responsible for designing and supporting enterprise-grade network and security systems, including next-generation firewalls, campus switching, and enterprise wireless. Your expertise will help drive reliability, performance, and security through robust design, automation, and disciplined change management.

This senior-level position requires deep technical knowledge of networking and network security, particularly in Palo Alto Networks firewalls and Cisco/Meraki wired and wireless environments.

---

Core Tools & Technologies

• Vendors/OS: Palo Alto Networks (PAN-OS & Panorama), Cisco (IOS), Meraki, SonicWall (SonicOS, NSM), Ruckus
• Protocols: BGP, STP, LACP, 802.1X (EAP), IPsec/SSL VPN, QoS, DNS/DHCP, NAT, IPv6, LACP/EtherChannel, MC-LAGG/vPC
• Security Features: Malware Prevention, Anti-Spyware, Antivirus, Vulnerability Protection, File Blocking, Data Filtering, DNS Security, DoS/DDoS Protection, Zone Protection, Micro-Segmentation/ACLs, Zero-Trust Networking (ZTNA)

---

Key Responsibilities

• Network Implementation: Configure and deploy LANs, WANs, and wireless networks, including switches, firewalls, access points, and supporting hardware/software.
• Wireless & Wired Network Management: Oversee the lifecycle of Cisco switching and Meraki wireless infrastructure, including deployment, configuration, tuning, and capacity planning.
• Troubleshooting & Performance: Serve as a senior escalation point for all network-related issues. Perform advanced troubleshooting and root cause analysis (RCA) to ensure availability and performance.
• Firewall & Network Security: Manage and maintain Palo Alto Networks NGFWs and Panorama. Develop and implement robust security policies, NAT rules, and threat prevention strategies.
• Documentation & Collaboration: Maintain comprehensive network documentation and collaborate cross-functionally to deliver projects and resolve issues effectively.

---

Mandatory Qualifications



Cisco / Meraki Expertise

• Extensive hands-on experience with Cisco IOS and Meraki switches and access points.
• Deep experience designing, deploying, and operating Meraki MR wireless solutions, including Dashboard administration, RF optimization, and 802.1X authentication.
• Mastery of core network concepts: VLANs, trunking, STP, inter-VLAN routing, LACP/EtherChannel, MC-LAGG/vPC, DHCP Snooping, BPDU Guard.
• 7-10+ years of experience configuring and troubleshooting enterprise wired and wireless networks.

Advanced Troubleshooting Skills

• Proven ability to diagnose complex network issues using tools such as Wireshark/TCPDump, ping, and traceroute.
• Strong preference for candidates with CCNP- or CCIE-level wireless troubleshooting expertise.
• Demonstrated ability to troubleshoot NGFW policy and feature set issues (e.g., URL Filtering, DNS Security, Threat Prevention, Data Filtering, App-ID, User-ID).

Communication Skills

• Exceptional written and verbal communication skills.
• Ability to clearly articulate complex technical concepts to both technical stakeholders and non-technical audiences.

Palo Alto Networks Expertise

• Proven experience managing, configuring, and troubleshooting Palo Alto NGFWs and Panorama.
• Strong knowledge of HA, templates, device groups, and best-practice implementation of full NGFW feature sets.
• 3-5+ years of experience configuring and operating Palo Alto Networks NGFWs.

---

Desired Qualifications

• Certifications: Cisco Certified Network Professional (CCNP), Palo Alto Networks Certified Network Security Engineer (PCNSE)
• Additional Technical Experience:
  • Familiarity with SonicWall firewalls and/or Ruckus wireless systems.
  • Strong understanding of BGP, route maps, and redistribution profiles.
  • Experience with Palo Alto's Advanced Routing Engine (ARE) and multi-virtual router topologies.
  • Hands-on experience with 802.1X, RADIUS, PKI, DNS, and related technologies.
  • Experience with network automation tools such as Ansible, Terraform, Jinja2, and PAN XAPI.