The Network Engineer will be part of a team responsible for delivering corporate network and security services for datacenter and branch offices in a mission-critical enterprise environment in a 24x7 follow-the-sun with on-call rotation model. The role will encompass network design, delivery, engineering, performance management, capacity planning and forecasting for all network elements including firewalls and load-balancers. The role requires extensive knowledge and ownership throughout the full lifecycle of the network (PPDIOO).
In addition, the position will be involved in research and development activities and work with Network Architects to develop solutions to complex network engineering problems.
Requirements gathering, budgeting, ordering, planning, assessing and mitigating risks, consistent configuration and deployment of network services, with ownership of the delivery process for the entire product and service lifecycle.
Configure and maintain all routers, switches, wireline and wireless networks, firewalls, load balancers, wan optimization, traffic acceleration, proxies, application-aware path-selection and shaping devices.
Provide excellent customer service to internal and external clients, including response to escalations, proactively notifying customers of network issues, assessing and communicating business impact.
Participate in 24x7 on-call support on a rotation basis (average 1 week per month)
Track, report, and proactively address network capacity issues based on business forecasts.
Configure and utilize a variety of network management tools.
Find and implement new technologies that simplify the network environment while improving security and performance.
Develop, manage and execute controls in support of the company's compliance landscape (SOX, SAS70, PCI)
Follow IT change control best practices for predictable results.
Analyze and recommend contemporary and emerging technologies for deployment across the enterprise.
Network capacity planning, performance tuning and troubleshooting.
Provisioning of new circuits for Internet, MAN, and MPLS.
Create and maintain up to date documentation of the network environment detailing configuration of deployed solutions.
Fast isolation and resolution of network routing, switching, security, load balancing, wan optimization, shaping and quality of service issues.
Provide design engineering Level 4 support for the corporate network & mentor Level 2 and 3 Network team members.
Drive the continual evolution and support of the disaster recovery plan for consistency between sites.
Demonstrate good judgment in solving problems as well as identifying problems in advance, and proposing solutions.
Required skills and experience:
Five years solid experience in design, provisioning and troubleshooting of LAN/WAN. Hands-on experience with routers, switches, firewalls, and VPNs.
Must be familiar with configuring and design of routing and switching solutions including, but not limited to, ACLs, VLANs, VRFs, Port Security, Traffic Shaping, Traffic Policing, Priority Queuing, Modular QoS, IP Multicast, multi chassis etherchannel (vPC, VSS) and tunneling.
Advanced Routing Principles of Operation, Configuration and Troubleshooting including, but not limited to OSI Reference model and IETF TCP/IP suite, Unicast, Broadcast, Multicast communications, Process and Fast Switching, Cisco Express Forwarding, IP Addressing Management IPv4/IPv6, VLSM, CIDR, Static Routing, EGP and IGP, Route Redistribution, Route Filtering, Policy Based Routing (PBR), NAT, PAT, HSRP, GLBP, VRRP, VRF-lite.
Traffic Management Principles, Configuration and Troubleshooting including but not limited to Traffic Performance Metrics, Throughput, Delay, Jitter, Bandwidth, Packet Loss, Congestion Management.
Solid practical working knowledge of Transmission Control Protocol and troubleshooting wide-area network issues related to TCP Bandwidth Delay Product.
Solid understanding of OSPF and BGP routing protocols for routed protocols IPv4/IPv6.
Very good understanding of the datacenter and branch office model architectures
Good understanding of the network and firewall platforms architecture.
Very good knowledge of Cisco routing, switching, and VPN (S2S/GRE/IPSEC/DMVPN)
Intermediate knowledge and practice of IPv4 to IPv6 transitioning.
Good knowledge of Cisco firewalling. Use of Cisco Prime Security Manager.
Good knowledge of Cisco RAS VPNs. Use of Cisco Security Manager and ASDM.
Good knowledge of Cisco Wireless. Use of the Cisco Prime Infrastructure.
Good knowledge of Juniper routing and security. Use of Juniper NSM.
Good knowledge of Checkpoint firewalls (GAIA) and centralized mgmt (MSDM).
Good knowledge of Cisco ACS/ISE for AAA services.
Basic proficiency of Palo Alto and Fortinet firewalls.
Basic proficiency of F5 and Citrix Netscalar load balancers.
Basic knowledge of Active Directory and DNS services.
Basic knowledge of voice (SIP/SCCP/H.323/RTP/RTCP)
Familiarity with virtual firewall and load balancing best practices.
Associate level certification (i.e. CCNA, JNCIA-FWV, etc)
Preferred skills and experience:
Advanced experience with datacenter routing, switching, technologies (vPC, FEX, VDC) and experience with the Nexus platforms (N5K, N7K)
Advanced experience with Next-Gen firewalls (Checkpoint, Palo Alto, Cisco ASA) and Next-gen features (Application visibility, web filtering, identity control)
Advanced knowledge of Wireless.
Advanced experience with 802.1X
Advanced experience of load balancers management and configuration of features.
ITIL foundations, CCNP/CCDP/CCIP or higher.
Desired Experience as a plus:
Threat prevention for firewalls (IPS, Anti-bot, Anti-spam, Anti-virus, DLP).
Advanced experience with Juniper SRX firewalls.
Advanced experience with Cisco ASA CX firewalls.
Advanced experience with Cisco ASR/ISR.
Experience with ARIN, RIPE, APNIC process resource allocation and mgmt.
Excellent writing and communication skills.
Actively involved, organized, reliable and accountable.
Ability and desire to learn and grow independently as well as in a team.
Multitasking ability to manage time well and meet multiple deadlines in a hectic environment.
Very good documentation skills.
Team player, working in a production, 24x7 mission critical environment
Minimum current and active CCNA or equivalent level networking certification acceptable. CCNP and/or CCIE R&S preferred.
A Bachelors Degree in Computer Science, Engineering, or equivalent; from accredited institution, is preferred