Senior Network Engineer (Hands-On Technical Lead)

Location: Santa Clara, CA (Onsite)
Travel: Occasional travel to remote company sites

Role Overview

We are seeking a Senior Network Engineer (Hands-On Technical Lead) to own and operate our enterprise network infrastructure across corporate offices, manufacturing facilities, and Azure cloud environments.

This role is responsible for the design, implementation, security, and operational reliability of the company's network and firewall infrastructure. The position functions as both a network architect and senior technical operator, providing Tier-3 support and ensuring high availability for mission-critical 24/7 manufacturing systems.

The engineer in this role will work closely with Cybersecurity, DevOps, Software Engineering, IAM, Automation, and IT Operations teams while maintaining strong relationships with vendors, partners, and internal stakeholders.

This is a high-impact technical leadership role reporting directly to the CIO.

Key Responsibilities

Enterprise Network Architecture & Operations

• Architect, deploy, and support Cisco Catalyst 9000 switching environments including VLANs, L2/L3 routing, LACP, and gateway redundancy.

• Design and maintain enterprise routing infrastructure including BGP, OSPF, WAN failover, and redundancy strategies.

• Manage enterprise IP addressing standards, subnet allocation, NAT policies, and network segmentation.

• Maintain and operate air-gapped network environments requiring strict isolation and security controls.

• Design and manage DMZ architectures and partner network interfaces.

Firewall & Security Infrastructure

• Engineer and maintain Palo Alto next-generation firewall platforms including App-ID, User-ID, Content-ID, IPS/IDS, SSL decryption, and threat prevention.

• Manage site-to-site VPNs, remote access VPN (GlobalProtect), and high-availability firewall clusters.

• Support Zero Trust network models including Zscaler ZIA and ZPA environments.

Azure Cloud & Hybrid Networking

• Design and operate Azure hybrid network architectures including:

  • Virtual WAN (vWAN)

  • Hub-and-spoke networks

  • ExpressRoute connectivity

  • VNet peering and routing

• Configure and manage:

  • Azure Firewall

  • Application Gateway (WAF)

  • Azure Front Door

  • Load Balancers

  • Traffic Manager

• Implement network segmentation using NSGs, ASGs, Private Endpoints, and Private DNS.

Infrastructure as Code (Terraform)

• Build and maintain Terraform modules for Azure network infrastructure.

• Manage Terraform state, environments, and version control workflows.

• Enforce Azure governance policies and configuration compliance.

Network Support & Troubleshooting

• Provide Tier-3 escalation support for network incidents across switching, routing, firewall, WAN, and cloud infrastructure.

• Perform packet captures, log analysis, traffic flow analysis, and root cause investigations.

• Lead incident resolution and produce Root Cause Analysis (RCA) documentation.

• Maintain service levels and operational stability for 24/7 manufacturing operations.

Infrastructure Deployment & Facilities Networking

• Own IDF/MDF design, rack layout, cabling strategy, and patching standards.

• Coordinate with ISPs, cabling vendors, and field technicians during installations and upgrades.

• Support infrastructure upgrades, site buildouts, and network expansion projects.

Documentation & Governance

• Maintain detailed documentation including:

  • Network diagrams

  • IP address schemas

  • Rack elevations

  • Operational runbooks

• Manage firmware updates, patch cycles, and lifecycle planning for network infrastructure.

• Follow established change management processes and deployment validation procedures.

Required Qualifications

• 7+ years of hands-on network engineering experience supporting enterprise infrastructure.

• Deep experience with Cisco enterprise switching and routing platforms.

• Strong operational experience with Palo Alto firewalls.

• Experience designing and operating hybrid cloud networks in Microsoft Azure.

• Hands-on experience with Terraform or other Infrastructure-as-Code tools.

• Strong troubleshooting experience across routing, switching, firewall, and WAN infrastructure.

• Experience supporting high-availability environments and critical infrastructure systems.

• Ability to work onsite and perform physical infrastructure tasks (rack/stack, cabling, equipment installation).

• Excellent written and verbal communication skills.

• Ability to collaborate effectively across multiple technical teams.

Preferred Qualifications

• CCIE, CCNP, or PCNSE certification

• Experience with Zscaler ZIA/ZPA

• Experience supporting manufacturing or industrial environments

• Familiarity with Git-based workflows and CI/CD pipelines

• Experience with SolarWinds or enterprise network monitoring platforms

Physical Requirements

• Ability to lift and carry up to 50 lbs

• Ability to perform data center and rack installation tasks

First 30 Days – Success Indicators

Within the first month, the Senior Network Engineer is expected to:

• Assess the current enterprise network architecture across on-prem and Azure environments.

• Review WAN routing stability, ISP redundancy, and failover strategies.

• Document air-gapped networks and segmentation boundaries.

• Begin supporting Tier-3 network incidents and operational escalations.

• Update network diagrams, rack elevations, firewall policies, and operational runbooks.

• Establish working relationships with Cybersecurity, DevOps, Automation, and IT Operations teams.

• Begin planning modernization efforts for legacy network segments and firewall infrastructure.