Job Description:

Our client is seeking a Senior Network Engineer to own the design, operation, and continuous hardening of the enterprise network and perimeter security environment. This role leads day-to-day network operations across LAN, WAN, and Wi-Fi, administers and optimizes firewalls and site-to-site VPNs, and partners closely with Cybersecurity and Operations. The ideal candidate is hands-on with troubleshooting, performance tuning, and automation, while shaping standards and guardrails that keep the environment resilient and compliant. Design, implement, and maintain secure network architectures across on-premises, cloud, and hybrid environments Own capacity planning, high availability, and performance optimization using advanced monitoring and telemetry Lead complex troubleshooting across routing, tunnels, NAT, BGP, OSPF, EVPN, QoS, VLAN segmentation, Wi-Fi, internet circuits, inter-site connectivity, and remote access Administer enterprise firewalls and VPN gateways; maintain secure configurations that deny all inbound traffic unless by approved exception Oversee the full firewall rule lifecycle including intake, business justification, review, approval, implementation, logging, monitoring, and periodic recertification Ensure all administrative access is logged and monitored; remediate findings in partnership with Cybersecurity Partner with Cybersecurity and GRC to align controls with cybersecurity policy, contribute to risk assessments, and support incident response Drive disciplined change, configuration, and release processes with rollback planning and post-change validation Automate repetitive tasks (configuration baselines, ruleset checks, backups) using infrastructure-as-code and scripting (Ansible, Terraform, Python) Build actionable dashboards, runbooks, and diagrams; maintain complete and auditable network inventories and rule repositories Operate and tune enterprise firewall platforms (Palo Alto experience strongly preferred) Manage carrier and OEM relationships; evaluate and implement cost-effective network and security enhancements Provide mentorship, lead incident bridges, and communicate clearly during planned changes and outages Required Qualifications Bachelor’s Degree in Information Technology, Computer Science, Engineering, or related field 7 10+ years of enterprise networking experience with hands-on ownership of firewalls and site connectivity Deep expertise in routing and switching (BGP, OSPF, EVPN), VPNs (IPsec, SSL), NAT, segmentation, and network security architectures (zero trust/perimeter controls) Proven experience managing large firewall environments including rule governance, logging/SIEM integration, and audit/compliance cycles Proficiency with network automation and scripting (Ansible, Terraform, Python) Experience with observability tools such as SolarWinds, NetFlow, SNMP, synthetic monitoring, and packet capture Strong incident leadership, root cause analysis, and stakeholder communication skills Preferred Qualifications Certifications such as CCNP/CCIE, PCNSE (Palo Alto), JNCIP/JNCIE, NSE (Fortinet), or equivalent Experience in multi-site data center environments Background in regulated or critical infrastructure environments with formal change and configuration management Key Competencies Ownership and accountability under pressure Strong cross-functional collaboration with Cybersecurity and Operations Clear written and verbal communication with both technical and non-technical stakeholders Benefits: Health Insurance Sick time 401k Pay Range: $60.00 – $70.00 per hour (Depending on experience and qualifications) By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from HEPCO, Inc and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, marital status, national origin, age, veteran status, disability, or any other protected class.