Key Details:
- Direct Hire/Perm
- Location: Hybrid - Scripps Ranch, San Diego
- Pay: $120-160k
Summary:
The Senior Network Engineer is an expert in IT network infrastructure, specializing in routing, switching, and firewalls. Designs and maintains the enterprise network to ensure security and stability. Provides regular metrics reports with recommendations for performance and security improvements. Acts as a subject matter expert, creating and implementing secure solutions according to EIT Management guidelines while prioritizing user experience. Troubleshoots network issues such as routing, packet loss, latency, connectivity, and equipment failures. Evaluates network performance and oversees equipment selection, installation, configuration, and testing. Develops diagrams, standards, and guidelines to ensure reliable and secure IT architecture. Leads the creation of scalable, flexible, and cost-effective solutions focused on excellent user experience.
Key Responsibilities:
- Architecture & Design: Design resilient LAN/WAN architectures supporting branches, headquarters, data centers, and cloud workloads. Develop standards for Cisco Nexus ACI fabrics (tenants, VRFs, EPGs, contracts) and Catalyst/Meraki campus/branch networks. Plan and optimize enterprise Wi-Fi (RF site surveys, channel/power planning, roaming, and high-density coverage).
- Implementation & Configuration: Deploy and configure Cisco Nexus/ACI, Catalyst/Meraki switches & APs, and SD-WAN as applicable. Implement Palo Alto Networks firewalls, Panorama for centralized policy/management, and Prisma Access for secure remote connectivity. Build standardized network services: routing (OSPF/BGP), switching (VPC/MLAG), QoS, NAT, DHCP, DNS integrations, segmentation (ACLs/microsegmentation), and VPNs (site-to-site and remote).
- Operations & Reliability: Own day-to-day network health: monitoring, alerting, performance tuning, and capacity planning. Troubleshoot complex L1-L7 issues across wired/wireless, security policies, and cloud edges; drive root-cause analysis and corrective actions. Maintain network documentation (diagrams, runbooks, inventories, IPAM) and ensure configuration backups along with version control.
- Security & Compliance: Collaborate with the Information Security team to implement zero-trust principles, least-privilege segmentation, and threat prevention. Manage firewall policies, decryption, URL filtering, IPS, GlobalProtect/Prisma Access, and secure Wi-Fi (802.1X, EAP-TLS). Support regulatory and audit requirements (e.g., FFIEC, NCUA guidance, GLBA), including logging, retention, and control attestations. Maintains in-depth knowledge of and complies with all company, departmental and security policies and procedures as well as federal regulations applicable to the position, including BSA requirements. Completes all required compliance training as assigned.
- Automation & Continuous Improvement: Leverage APIs, Infrastructure as Code, and scripting to streamline deployments and reduce manual effort. Evaluate new technologies; perform POCs and recommend improvements aligned to business and security goals. Contribute to incident response, DR testing, and resiliency exercises.
- Customer Service & Collaboration: Provide white-glove support to internal teams and branch staff; communicate status and impact clearly. Coordinate with vendors/carriers for circuits, hardware RMAs, escalations, and service optimizations. Mentor junior engineers/technicians; share knowledge via training and best practices.
- Performs other duties as assigned.
Qualifications:
Education:
- Bachelor's Degree in Computer Science, Information Systems, Engineering, or related field.
- Preferred Certifications:
- Cisco: CCNP Enterprise/Data Center, CCIE, Cisco Meraki.
- Palo Alto Networks: PCNSE, PCCSA; Prisma Access Specialty.
- Wireless: CWNA/CWNP.
- Security: CompTIA Security+, CISSP.
- OR equivalent experience demonstrating deep technical proficiency and business impact.
Experience:
- 6+ years in senior IT infrastructure and networking roles within enterprise or financial services environments.
- Proven track record supporting highly available networks and systems, resilient branch connectivity, and secure remote access.
- Hands-on experience with:
- Cisco Nexus ACI (fabric design, tenant/VRF/EPG policies, L3Out, contracts).
- Cisco Catalyst/Meraki (campus/branch switching, wireless, SD-WAN).
- Enterprise Wi-Fi design and operations (RF fundamentals, WPA2/WPA3, 802.1X, RADIUS).
- Palo Alto Networks (Panorama policy management, NGFW, Prisma Access, GlobalProtect).
- Routing & switching protocols (BGP, OSPF, STP, VPC/MLAG), QoS, multicast.
- Network monitoring/observability platforms (e.g., Meraki Dashboard, DCNM/APIC, Panorama, SNMP/NetFlow/IPFIX).
Competencies:
Skills & Abilities:
- Technical Depth with Breadth: Strong core networking with the ability to work across servers, virtualization, identity, and cloud edges.
- Security-First Mindset: Practical understanding of zero trust, least privilege, microsegmentation, and regulatory expectations in financial services.
- Customer Service Orientation: Empathetic, responsive, and proactive, delivering excellent service to internal stakeholders and members.
- Communication & Collaboration: Clear written/verbal communication; able to translate technical issues into business terms and partner effectively across teams.
- Problem Solving & Ownership: Analytical troubleshooting, root-cause determination, and bias for action with end-to-end accountability.
- Automation & Documentation: Comfortable with APIs/scripting (Python, PowerShell, Ansible), and disciplined in maintaining accurate diagrams/runbooks.
- Adaptability & Learning: Stays current with vendor roadmaps (Cisco, Palo Alto), emerging threats, and best practices; embraces continuous improvement.
- Project & Time Management: Prioritizes effectively, meets deadlines, and delivers high-quality outcomes in a regulated environment.
- Datacenter Networking: VXLAN/EVPN, load balancing, and private cloud.
Hardware & Software:
- Identity & NAC: Cisco ISE, RADIUS, EAP-TLS, certificate management (PKI).
- Cloud Networking/Security: Azure/AWS/GCP, SASE/SD-WAN integrations.
- Telemetry/Observability: Syslog, SIEM integrations, NPM/APM.
All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the California Fair Chance Act, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County Fair Chance Ordinance.