Senior Network & Systems Engineer

Job Title:

Senior Network & Systems Engineer

Location:

Miami, FL (On-site with multi-site support)
Salary: $175,000 + benefits

Reports To:

VP of ITJob Number: 7367

The Senior Network & Systems Engineer is responsible for the architecture, performance, security, and lifecycle management of the organization’s enterprise network and Microsoft infrastructure environment.

This role serves as the technical authority for Cisco Meraki networking, Windows Server systems, virtualization platforms, and identity services. In addition to operational oversight, this position leads infrastructure modernization initiatives, security hardening efforts, and strategic technology planning.

While a third-party provider supports cybersecurity monitoring and compliance activities, this role provides internal technical leadership for secure architecture design, segmentation strategy, and risk mitigation.

This is a senior-level engineering role requiring strong design capabilities, operational discipline, and cross-functional leadership.

• Own the design and lifecycle management of Cisco Meraki environments (MX security appliances, MS switching, MR wireless).
• Architect and maintain scalable LAN/WAN topologies including VLAN segmentation, routing strategy, SD-WAN policy design, QoS optimization, and resilient VPN architectures.
• Design secure remote access strategies (AutoVPN, client VPN, MFA integration).
• Lead WAN strategy including ISP redundancy, bandwidth planning, failover validation, and performance optimization.
• Establish wireless architecture standards including RF planning, enterprise authentication (802.1X), and secure guest network segmentation.
• Maintain and optimize monitoring systems (SNMP, syslog, telemetry, baselining).

• Architect and maintain Microsoft Server environments including:
  • Active Directory (multi-site replication, GPO strategy)
  • DNS/DHCP architecture
  • Certificate services
• Lead Microsoft 365 architecture and hybrid identity integration (Entra ).
• Ensure network readiness and QoS optimization for Teams, VoIP, and collaboration services.
• Oversee VMware infrastructure including host lifecycle management, storage integration, and HA strategy.
• Develop Power Shell automation for administration, reporting, and configuration validation.
• Lead infrastructure lifecycle planning and upgrade roadmaps.

While monitoring may be outsourced, this role provides internal engineering ownership of secure infrastructure design.

• Design and maintain network segmentation strategy aligned with least-privilege principles.
• Oversee firewall rule governance and change control.
• Tune IDS/IPS configurations in coordination with third-party security teams.
• Implement and maintain secure remote access controls (MFA, certificate-based auth, NAC concepts).
• Lead vulnerability remediation efforts across network and server infrastructure.
• Support incident response investigations from an infrastructure standpoint.
• Maintain logging, retention, and audit evidence practices.
• Participate in compliance and audit preparation (e.g., NIST-aligned controls, SOC-related reviews if applicable).
• Perform periodic security posture reviews and recommend architecture improvements.

• Own network and systems change management processes.
• Lead major incident response for infrastructure-related outages.
• Mentor junior IT staff and provide technical guidance.
• Maintain detailed infrastructure documentation including diagrams, standards, and runbooks.
• Coordinate vendors including ISPs, hardware providers, and security partners.
• Participate in executive-level reporting on infrastructure health and risk posture.

• 7–10+ years of progressive network and systems engineering experience.
• Advanced hands-on experience with Cisco Meraki (MX/MS/MR) in enterprise production environments.
• Deep understanding of:
  • TCP/IP, routing protocols, VLAN design
  • SD-WAN architecture
  • VPN technologies
  • Wireless enterprise design
• Strong Microsoft infrastructure experience:
  • Active Directory architecture
  • Hybrid identity (Entra )
  • Microsoft 365 integration
• VMware infrastructure engineering experience.
• Strong Power Shell scripting and automation skills.
• Experience leading vulnerability remediation and infrastructure hardening initiatives.
• Proven ability to architect and document enterprise-grade solutions.
• Strong written and verbal communication skills.

• Meraki ECMS certification or equivalent.
• Microsoft certifications (Azure Administrator, Identity-related certifications).
• Experience with 802.1X, RADIUS (NPS), NAC solutions.
• Experience with Azure networking (VNets, VPN Gateway, Express Route concepts).
• Experience supporting regulatory or compliance-driven environments.

• Documented, optimized, and standardized network architecture.
• Reduced infrastructure-related security risk exposure.
• Improved WAN resilience and wireless…