Network Engineer

Key Responsibilities

Corporate & Campus Networking
• Design and maintain the corporate LAN, including access/distribution/core switching, 
VLANs, STP, and QoS for our Palo Alto HQ and remote offices.

• Manage and optimize the wireless LAN infrastructure (controller-based and cloud-
managed), including site surveys, RF planning, SSID design, and client troubleshooting.
• Administer 802.1X network access control, certificate-based authentication, and guest
network segmentation.

Data center Networking
• Operate and evolve the data center network, including spine-leaf architecture, BGP,
VxLAN /EVPN overlays, and high-availability designs.
• Ensure network stability and performance across on-premises datacenter infrastructure,
proactively monitoring capacity and latency baselines.
• Partner with Server, Storage, and Platform Engineering teams on rack-and-stack
connectivity, new service deployments, and capacity expansions.

Security & Firewall (Palo Alto Networks)
• Manage Palo Alto Networks NGFW platforms (PA-Series, Panorama, SCM), including
security policy, App-ID, URL filtering, Threat Prevention, and WildFire integration.
• Administer GlobalProtect VPN and Prisma Access for remote access and enforce zero-trust
network segmentation between zones.
• Conduct firewall rule reviews, clean up unused policies, and support periodic security audits.

Reliability & Automation
• Monitor network health using observability tooling (SNMP, streaming telemetry,
NetFlow/sFlow) and drive resolution of incidents and root-cause analyses.
• Develop and maintain automation scripts and configuration management workflows (Python,
Ansible, Terraform) to reduce toil and improve consistency.

Job Description

• Use AI-assisted tools to accelerate log analysis, runbook generation, and network
documentation.

Required Qualifications
• 4–6 years of hands-on enterprise network engineering experience.
• Proficiency with Palo Alto Networks NGFWs and Panorama; experience with security policy
management, zone-based segmentation, and GlobalProtect VPN.
• Solid understanding of routing and switching fundamentals: BGP, OSPF, STP/RSTP,
VLANs, LACP, and L2/L3 design.
• Experience designing and supporting enterprise wireless networks (Cisco Meraki, Aruba, or
equivalent); familiarity with 802.11ax/Wi-Fi 6 and RF optimization.
• Working knowledge of datacenter networking concepts: spine-leaf, VxLAN/EVPN, and high-
availability failover.
• Strong troubleshooting methodology—comfortable working through complex multi-layer
problems in production environments.
• Effective written and verbal communication; able to produce clear runbooks and incident
postmortems.

Preferred Qualifications
• Relevant certifications: PCNSE (Palo Alto Networks), CCNP Enterprise, CWNA/CWSP, or
equivalent.
• Experience with network automation using Python, Ansible, or Terraform.
• Familiarity with public cloud networking (AWS, Azure, or GCP) as it intersects with on-
premises connectivity (Direct Connect, ExpressRoute, VPN).
• Exposure to load balancers (F5, AVI/NSX ALB, NGINX) and application delivery in
datacenter environments.
• Experience with 802.1X / NAC platforms (Cisco ISE, Aruba ClearPass, or equivalent).
• Comfort using AI tools (e.g., Claude, Copilot) for network operations, documentation, and
automation tasks is a plus and actively encouraged