Senior Network Engineer

Job Description

Senior Network Engineer

Onsite in Boston 4 days a week ***(LOCAL CANDIDATES ONLY)***

Type: Temp to Permanent

**No 3rd Party Applicants**

• Target Salary $150 w/Profit Sharing Bonus
• Initial Projects are HW replacements for Firewalls/server, SD-Wan, and Azure infrastructure
• May require some light travel
• On-call rotation every two weeks. (low volume call, previous year 3 calls total)
• Want someone who can lead efforts and work autonomously

Summary

The Senior Network Engineer is responsible for the design, implementation, integration, and ongoing operation of enterprise networking and security platforms, including LAN, WAN, wireless, telephony, multi-cloud networking (Azure and AWS), and Secure Access Service Edge (SASE) architectures. This role requires deep expertise in Cisco networking, Palo Alto security platforms, SASE/SD-WAN, and public cloud networking services. The engineer ensures high availability, resiliency, scalability, and security while leading modernization initiatives that align network and security capabilities with business objectives.

Responsibilities

• Design, implement, and support enterprise networking infrastructure, including LAN/WAN, SD-WAN, firewalls, VPNs, routing, switching, wireless, and voice.
• Architect, deploy, and operate SASE solutions, including secure internet breakout, identity-based access controls, cloud-delivered security services, traffic steering, resiliency, and high availability across multiple transports and regions.
• Implement and manage Cisco platforms (Catalyst, Nexus, ISR/ASR, Call Manager, IOS-XE/NX-OS).
• Manage and optimize Palo Alto platforms, including next-generation firewalls and cloud-delivered security services (SSL decryption, NAT, URL filtering, DLP, GlobalProtect, Threat Prevention).
• Design, deploy, and administer Microsoft Azure and AWS networking services, including:
• Azure: VNets, VPN Gateway, ExpressRoute, Network Security Groups, Azure Firewall, Load Balancers, Application Gateway, DNS.
• AWS: VPCs, Transit Gateway, Site-to-Site and Client VPN, Direct Connect, Security Groups, Network ACLs, Elastic Load Balancing, Route 53.
• Support secure hybrid and multi-cloud connectivity between on-premises environments, Azure, AWS, and SASE points of presence.
• Enforce security and compliance requirements using segmentation, zero-trust principles, least-privilege access, centralized policy management, and identity-aware security controls.
• Perform capacity planning, monitoring, and performance optimization across WAN, cloud, and SASE infrastructures.
• Collaborate with security, infrastructure, and application teams on cross-functional initiatives.
• Lead vendor engagements for network hardware, cloud connectivity, SASE services, lifecycle management, and roadmap planning.
• Maintain accurate documentation, including network diagrams, standards, configurations, and operational runbooks.
• Provide Tier-3 escalation support and participate in on-call rotations.

Qualifications

• Bachelor's in Computer Science, Information Technology, or equivalent experience.
• 8+ years of hands-on experience in enterprise network and security engineering.
• Preferred certifications: Cisco CCNP/CCIE, Palo Alto PCNSE, Microsoft Azure Network Engineer Associate, AWS Advanced Networking or Solutions Architect.
• Expert-level knowledge of: o Cisco routing and switching (BGP, OSPF, EIGRP, MPLS, QoS, VoIP, SIP, H.323).
• Palo Alto security technologies (App-ID, User-ID, Panorama, Threat Prevention).
• Azure and AWS networking architectures, including private connectivity (ExpressRoute, Direct Connect), hybrid routing, and cloud security controls.
• SASE and SD-WAN architectures, including secure web gateways, zero-trust access, identity-based policy enforcement, and cloud security services.
• Strong experience with Aruba Wireless, ClearPass, VPNs, and remote access solutions.
• Familiarity with network and security monitoring platforms (SolarWinds, Cisco DNA Center, Palo Alto Panorama, Azure Monitor, AWS CloudWatch).
• Proven troubleshooting, project execution, and executive-level communication skills.

AI-Enhanced Responsibilities

• Leverage AI-driven analytics to proactively detect anomalies, predict failures, and optimize network performance across on-prem, cloud, and SASE environments.
• Implement AI-based security analytics for advanced threat detection, behavioral analysis, and automated response across firewall and SASE platforms.
• Use AI-assisted traffic analysis to optimize routing, bandwidth utilization, and application performance across hybrid and multi-cloud architectures.
• Integrate AI-powered automation to streamline configuration management, compliance validation, and change management.

AI-Enhanced Qualifications

• Experience with AI-enabled networking and security platforms (e.g., Cisco DNA Center AI Analytics, Palo Alto Cortex, Azure AI monitoring, AWS native analytics).
• Understanding of AI/ML concepts applied to networking and security, including anomaly detection, predictive maintenance, and adaptive policy enforcement.