Sr Network and Systems Engineer

Job Description

We are seeking a highly skilled Senior Network and Systems Engineer to lead the architecture, implementation, and ongoing support of complex client network environments. This role is ideal for a seasoned professional who thrives on designing resilient networks, troubleshooting critical issues, hardening security at the edge, and producing exceptional documentation that drives consistency and compliance.

You will join a collaborative team supporting multi-client, multi-server environments where clarity, repeatability, and technical excellence are key. The ideal candidate combines deep networking expertise with strong firewall, VPN, wireless, and SD-WAN experience and a methodical approach to change management and documentation.

While the primary focus is networking, the successful candidate brings solid Windows Server and virtualization fundamentals — enough to confidently handle routine systems administration tasks and contribute on server-side work as needed.

• Design secure, scalable L2/L3 network architectures — routing, switching, VLAN segmentation, QoS, SD-WAN, and high availability.
• Configure, deploy, and manage enterprise routing and switching environments — ensuring performance, reliability, and security across multi-site client networks.
• Lead network design discussions across multi-client environments, including HLD/LLD diagrams, IP schemes, and VLAN plans.
• Troubleshoot complex network issues using packet analysis, telemetry tools, and structured root-cause methodology.
• Standardize configurations and rollout templates for repeatable, low-risk deployments.
• Plan and execute network change windows, firmware upgrades, and configuration backups.

• Design, deploy, and harden Fortinet firewalls (required), as well as other firewall platforms (Palo Alto, Sonic Wall, Cisco ASA) where present — policy management, NAT, IPsec/SSL VPN, IDS/IPS, segmentation, and identity‑aware policies.
• Implement and maintain site‑to‑site VPN, client/remote‑access VPN, and hybrid connectivity to Azure and AWS (Express Route / Direct Connect concepts).
• Manage SIEM integrations, log forwarding, and security monitoring for network devices.
• Support compliance with frameworks such as HIPAA, CMMC, and PCI through proper hardening, logging, and documentation.

• Design and manage enterprise Wi‑Fi environments — wireless controllers, access points, SSIDs, and RF planning (primarily Ubiquiti, with some Meraki and other platforms as needed).
• Deploy and operate SD‑WAN solutions (primarily Fortinet, with other platforms as needed) across client sites.
• Implement NAC / 802.1X and identity‑aware network policies.

• Comfortably handle routine Windows Server administration tasks — Active Directory user/group management, DNS, DHCP, Group Policy, and file/print services.
• Perform basic virtualization administration (VMware and/or Hyper‑V) including VM provisioning, snapshots, and routine host checks.
• Support backup and disaster recovery operations — monitor BDR appliances and cloud replication jobs, triage failures, and assist with restores when needed.
• Contribute to cloud migration projects (primarily Azure, secondarily AWS and Zimcom‑hosted environments) from the network and connectivity side.

• Produce detailed HLD/LLD diagrams, MOPs (methods of procedure), runbooks, and as‑built documentation.
• Maintain configuration baselines, device inventories, change records, and standardized rollout templates.
• Use documentation tools to keep client environments current and auditable.

• Partner with project managers, account teams, and the broader engineering team to deliver client outcomes on schedule.
• Serve as a senior escalation point for complex network, firewall, VPN, and wireless issues, and as a competent owner of routine server administration work.
• Participate in rotating on‑call coverage and planned maintenance windows.
• Mentor junior engineers and contribute to internal standards, runbooks, and knowledge base.

• 8+ years of…