Sr. Network Engineer

RESPONSIBILITIES TECHNICAL LEADERSHIP & ESCALATION

• Serve as the primary escalation point for complex network incidents, outages, and performance issues owing problems through to resolution with clear communication to stakeholders
• Provide expert guidance to internal engineers, MSP resources, and NOC personnel on architecture, troubleshooting methodology, and root cause analysis
• Lead post-incident reviews, drive root cause identification, and implement lasting remediations to prevent recurrence
• Evaluate complex vendor and MSP escalations; make technical decisions on design, tooling, and resolution approach

• Work with the Director of Network & Infrastructure to architect scalable, resilient, and secure network solutions across LAN, WAN, wireless, cloud, and building infrastructure
• Lead the design and evolution of network segmentation strategy including zero-trust principles, VRF separation, and secure OT/IT boundary enforcement
• Develop and maintain network infrastructure standards, reference architectures, and design patterns for consistent deployment across properties
• Evaluate emerging technologies and contribute to the long‑term infrastructure roadmap, particularly around Palo Alto / Panorama, Aruba, and cloud connectivity platforms

• Design, deploy, and manage enterprise network infrastructure across BMS, IoT, Wi‑Fi, Prop Tech, AV, security systems, corporate offices, and the Observatory
• Administer Palo Alto NGFWs via Panorama — policy management, threat prevention, VPN, NAT, and security profile lifecycle management
• Manage and optimize Aruba switching and wireless infrastructure including configuration, upgrades, RF planning, and troubleshooting via Aruba Central
• Own BGP, OSPF, VLANs, VPN, QoS, and DNS configurations across multi‑site environments
• Manage WAN and ISP connectivity including failover design and carrier‑level troubleshooting
• Support IoT and Prop Tech deployments in a secure manner with a focus on building systems, access control, and sustainability technology

• Lead network security posture improvements including firewall policy lifecycle, ACL governance, and vulnerability remediation
• Administer Zscaler ZIA and ZPA — URL filtering, SSL inspection, cloud firewall rules, and app connector management
• Manage Proofpoint email security platform including anti‑spam, anti‑phishing, encryption, and threat response policies
• Administer Bit Sight to track, triage, and coordinate remediation of external security posture findings
• Maintain PCI‑DSS and SOX compliance through adherence to and enforcement of network policies and procedures
• Collaborate with the MSSP on security monitoring, threat analysis, and incident response
• Ensure timely application of patches, hotfixes, and firmware upgrades across all network equipment

• Administer Okta for SSO/SAML/OIDC, MFA enforcement, and user lifecycle management including SCIM provisioning and deprovisioning
• Manage Conditional Access Policies and integrate identity platforms with Palo Alto User‑, Zscaler IdP federation, and Azure AD
• Design and manage Microsoft Azure cloud networking including hybrid connectivity, VNet architecture, NSGs, and Azure Firewall
• Support Microsoft 365 and Exchange Online from a network and connectivity perspective including split tunneling and optimization
• Support IAM and PAM platforms as they relate to network access control and privilege governance

• Manage physical server infrastructure, rack equipment installation, and data center operations including cabling, power, and cooling
• Administer building riser infrastructure and ensure secure integration of IT and OT devices on segregated network segments
• Support VMware vSphere virtual networking environments and server resource management
• Oversee SAN/NAS storage networking and business continuity / backup technologies

• Drive network monitoring strategy and tooling to ensure proactive alerting and performance trending across the full infrastructure estate
• Author and maintain high‑quality documentation including topology diagrams,…