×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Network Security Cloud Computing

Senior Network Engineer

Job in Deerfield, Lake County, Illinois, 60015, USA
Listing for: AceStack
Full Time position
Listed on 2026-06-01
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Network Security, Cloud Computing
Job Description & How to Apply Below
Role:
Senior Network Engineer

Location:
Deerfield, IL (Onsite)

FTE Only

Job Description

Must Have Technical/Functional Skills
  • 7+ years of network engineering experience in large enterprise environments (global WAN, multi-site data centre, 10,000+ endpoints).
  • 3+ years of hands-on Azure networking experience:
    Virtual WAN, Express Route, Azure Firewall, NSGs, Private Endpoints, and Azure DNS.
  • Expert-level knowledge of routing protocols: BGP (eBGP/iBGP), OSPF, EIGRP, and IS-IS in enterprise and service provider contexts.
  • Deep expertise in enterprise switching:
    Spanning Tree variants (RSTP/MSTP), VLAN architecture, VxLAN/EVPN in data centre fabrics.
  • Hands-on experience with enterprise firewall platforms:
    Palo Alto PAN-OS (required), Fortinet Forti

    OS, or Cisco FTD/ASA.
  • CCNP Enterprise or CCNP Security (active) required; CCIE preferred.
  • Experience with enterprise network automation:
    Python (Netmiko/NAPALM/Nornir), Ansible, or Terraform (azurerm networking resources).
Required/Preferred

Certifications:

  • CCNP Enterprise (Required) | AZ-700 (Highly Desirable) | Palo Alto PCNSE | CCIE (Preferred) | Fortinet NSE 4+


Roles & Responsibilities
Enterprise Azure Network Architecture & Operations
  • Design and operate enterprise Azure network architecture:
    Azure Virtu al WAN hub-and-spoke topology connecting 20+ Azure subscriptions, on-premises data centres, and branch offices globally.
  • Manage and optimise Express Route circuits (10

    Gbps+) including BGP routing policy, route filtering, and failover to Site-to-Site VPN backup paths.
  • Own Azure Firewall Premium policy management across all Azure regions; implement IDPS signatures, TLS inspection, and URL filtering aligned to enterprise security policy.
  • Design and maintain Azure Private DNS Zone architecture integrated with on-premises DNS resolvers (Conditional Forwarders / Azure DNS Private Resolver).
  • Implement and govern Private Endpoint and Private Link strategy for all PaaS services (Azure SQL, Storage, Key Vault, AKS API Server, etc.) to eliminate public exposure.
On-Premises & WAN Infrastructure
  • Configure, manage, and optimise enterprise routing and switching infrastructure across Cisco Catalyst /Nexus, Juniper EX/QFX, and Arista platforms in Tier 3+ data centres.
  • Administer BGP peering with upstream ISPs and Azure Express Route; manage AS path manipulation, route redistribution and traffic engineering policies.
  • Design and operate SD-WAN overlay (Cisco Catalyst SD-WAN / VMware Velo Cloud) for 200+ branch sites , including policy-based routing and application-aware path selection.
  • Manage enterprise network security perimeter:
    Palo Alto PA-Series (on-premises), Fortinet Forti Gate (branch), and Cisco ISE for 802.1X NAC and segmentation.
Security, Zero Trust & Network Segmentation
  • Lead implementation of Zero Trust Network Access (ZTNA) architecture using Microsoft Entra Private Access and Entra Internet Access as part of t he enterprise SASE strategy.
  • Design and maintain macro and micro-segmentation strategies using VLANs, VRFs, NSGs, Azure Firewall Policy rule collections, and AKS network policies (Calico/Cilium).
  • Conduct periodic network security reviews and vulnerability assessments; remediate findings from penetration testing and threat intelligence feeds within agreed SLA.
  • Collaborate with the SOC and Cyber Security teams to investigate network-based threats and support forensic analysis of network traffic using Azure Network Watcher and NSG Flow Logs.
Monitoring, Capacity & Governance
  • Operate and enhance network monitoring using Azure Network Performance Monitor, Log Analytics Thousand Eyes, and Solar Winds NPM for end-to-end visibility across hybrid estate.
  • Lead capacity planning for WAN circuits, Azure VNet address spaces, and data centre switching fabrics. present quarterly capacity reviews to the Head of Infrastructure.
Generic Managerial Skills, If any
  • Maintain accurate, audit-ready network documentation: topology diagrams (Visio/Lucid chart), IP Address Management (IPAM) in Azure/Info Blox, change records in Service Now.
  • Participate in 24/7 on-call rota for P1/P2 network incidents, act as Network SME for Major Incident Management bridge calls.
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search