Design and continuously improve enterprise network architecture across all physical sites and AWS cloud environments.
Define and enforce network standards for firewall management, segmentation, routing, switching, and zero trust access.
Advise IT leadership, security, and engineering teams on network-related decisions.
Mentor junior network engineers and drive knowledge transfer across the team.
Drive Infrastructure as Code adoption for network devices using Terraform or equivalent.
Manage Cisco Catalyst switching across all sites, including VLAN design, STP, inter-VLAN routing, and port security.
Administer Palo Alto firewalls, including security policies, NAT, threat prevention, and firmware lifecycle.
Manage Cisco Meraki wireless infrastructure, including AP deployment and RF optimization.
Lead datacenter network operations and support ongoing infrastructure migrations.
Maintain and secure FedLine network connectivity in compliance with Federal Reserve requirements.
Own and manage all AWS cloud networking infrastructure, including VPCs, subnets, security groups, NACLs, Transit Gateway.
Manage Zscaler ZIA and ZPA deployments, including app segments, connector groups, and Transit Gateway integration.
Serve as the escalation point for complex network issues across physical and cloud environments.
Investigate and respond to network security alerts in collaboration with the security operations team.
Lead root cause analysis and post-incident reviews, driving systemic improvements.
Maintain network documentation, diagrams, and runbooks.
Periodic travel to Branch offices and Datacenter sites, quarterly or as necessary.
Perform all other duties as assigned.

Requirements

7+ years of progressive experience in network engineering, with a strong focus on enterprise LAN/WAN, firewall management, and cloud networking.
Proven success designing, deploying, and operating network infrastructure in a regulated or compliance-driven environment (banking, financial services, or healthcare preferred).
Deep expertise in:
- Switching & Routing: Cisco Catalyst (IOS-XE), VLAN design, STP, OSPF/BGP, inter-VLAN routing
- Firewalls: Palo Alto (PAN-OS), security policies, NAT
- Zero Trust Networking: Zscaler ZIA and ZPA, app segments, connector deployment, access policies
- Cloud/Software Defined Networking: AWS VPC, Transit Gateway, security groups, NACLs, Direct Connect, site-to-site VPN
- Infrastructure as Code: Terraform (or equivalent) for network device and cloud resource management
- Automation & Scripting: Python, Bash, or similar scripting language for network automation tasks
Strong understanding of network security best practices, including segmentation, least-privilege access, encryption in transit, and zero trust principles.
Experience with datacenter network design, migrations, and colocation facility operations.
Excellent communication and collaboration skills, with the ability to translate complex network concepts for non-technical stakeholders.
Demonstrated ability to drive technical initiatives independently and own systems end-to-end without direct supervision.
Experience managing network infrastructure supporting dedicated financial connectivity such as FedLine or similar regulated network links is a plus.
Relevant certifications are a plus: CCNP, PCNSE (Palo Alto), AWS Advanced Networking Specialty, or equivalent.

Benefits

Competitive compensation based on experience, geographic location, and role
Medical, Dental, Vision, Life, 401k Matching, and other wellness benefits, including FSA, HSA and HRA
Paid parental leave
Flexible vacation policy, including PTO and paid holidays
A fun and challenging team environment in a dynamic industry with ample opportunities for career growth

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

network architecturefirewall managementroutingswitchingzero trust accessInfrastructure as CodeTerraformCisco CatalystPalo AltoAWS VPC

Soft Skills

mentoringcommunicationcollaborationtechnical initiativeknowledge transferproblem-solvingroot cause analysisdocumentationindependent workstakeholder engagement

Certifications

CCNPPCNSEAWS Advanced Networking Specialty