Senior Network Engineer

Position Title: Senior Network Engineer
Department: Network Engineering

We are seeking a Senior Network Engineer who brings deep technical expertise, sound operational judgment, and the ability to deliver reliable, scalable network services across multi-region and global environments, including regulated and compliant FedRAMP-authorized platforms. This role is primarily operations‑focused, encompassing ownership of day‑to‑day network reliability, performance, and incident response, while also incorporating engineering and build responsibilities as required—such as evolving routing architectures, developing and maintaining automation pipelines, troubleshooting complex network behaviors, and executing major initiatives across data centers and cloud platforms.

Beyond technical capability, we are looking for the right cultural fit: someone who embodies our core expectation to "be kind"—a teammate who collaborates openly, communicates respectfully, supports others, and contributes to a positive, inclusive engineering culture.

You will work closely with Architecture, Product, Security, Compliance, and Operations teams to ensure our global backbone, data center networks, cloud connectivity, and FedRAMP environments remain secure, resilient, automated, compliant, and well-documented. You will be empowered to own meaningful problems end-to-end, influence design patterns, and mentor engineers across the organization.

• Engineer, build, operate, and deliver network solutions for global data centers, cloud platforms, FedRAMP-authorized environments, build environments, and product connectivity needs.
• Engineer and optimize routing for a global IP backbone, including multi-region route propagation, redundancy, and traffic-engineering strategies.
• Engineer, build, and operate scalable, highly available L3 topologies using BGP, OSPF, and robust routing policy (communities, AS-path manipulation, MED/local-pref tuning, ECMP, route-reflector hierarchy).
• Design and implement secure network segmentation, boundary controls, and traffic isolation required for FedRAMP Moderate/High environments.
• Implement hybrid and cloud-native routing across AWS/Azure/GCP using Direct Connect, ExpressRoute, VPN, Transit Gateway, Virtual WAN, and cloud router constructs—ensuring alignment with FedRAMP architectures and security control requirements.
• Develop and maintain automated provisioning, configuration, compliance, and validation pipelines using Python, Ansible/AWX, and Git-driven CI/CD workflows, including FedRAMP configuration baselines.

• Ensure connectivity, availability, and performance across multi-region data centers, backbone sites, cloud platforms, and regulated FedRAMP environments using proactive monitoring, telemetry, and lifecycle management practices.
• Operate networks in accordance with FedRAMP continuous monitoring requirements, including configuration drift detection, vulnerability mitigation, and audit readiness.
• Troubleshoot complex routing, TCP, and connectivity issues using tools such as netcat, ping/ICMP, logs, and packet captures.
• Lead or support major incident response when needed, including FedRAMP-relevant incident handling, escalation, and reporting procedures.
• Execute changes, upgrades, and migrations safely using structured procedures (MOPs), documented approvals, automated workflows, and validated rollback mechanisms.
• Remediate vulnerabilities and maintain compliance across network OS versions, configurations, firmware, and security posture in coordination with Security and Compliance teams.

• Engineer enhancements, new capabilities, and service-driven connectivity features supporting product, platform evolution, and FedRAMP boundary services.
• Design automation that enforces least privilege, segmentation, encryption-in-transit, logging, and configuration compliance for regulated environments.
• Replace manual operational steps with automated workflows incorporating pre/post-checks, compliance gates, evidence collection, and safe-rollback logic.
• Test new network OS versions, automation logic, routing changes, and security controls in controlled environments prior to production and FedRAMP deployment.
• Partner with Build, Engineering, Architecture, Product, Security, and Compliance teams to ensure reliability, scalability, and alignment with FedRAMP control objectives.

• Translate product, regulatory, and platform requirements into network designs that meet FedRAMP architectural and security expectations with clear timelines and dependencies.
• Conduct capacity planning across links, devices, cloud gateways, backbone segments, routing domains, and FedRAMP boundary components.
• Manage procurement cycles, RMA workflows, vendor escalations, and equipment lifecycle, ensuring vendors and solutions support FedRAMP use cases.
• Evaluate vendor technologies for performance, resiliency, automation compatibility, FedRAMP eligibility, and cost-effectiveness.

• Create and maintain high-quality runbooks, architectural diagrams, and troubleshooting guides, including FedRAMP boundary diagrams and network control documentation.
• Maintain accurate documentation required for FedRAMP audits, assessments, and continuous monitoring activities.
• Define lifecycle standards for network roles, routing constructs, appliances, and platform components.
• Ensure monitoring, alerting, and operational procedures are documented, auditable, and continuously improved.
• Mentor engineers through structured troubleshooting, technical deep dives, FedRAMP design considerations, and post-incident learning sessions.

• Bachelor’s degree in Computer Science, Information Technology, or related field (Master’s preferred).
• 10+ years in network engineering with experience in large-scale, multi-region, and global routing environments.
• Experience engineering, operating, or supporting FedRAMP Moderate and/or High environments is strongly preferred.

• Deep hands-on expertise with BGP and OSPF in global IP backbone environments, including traffic engineering and multi-vendor interoperability.
• Strong operational and engineering experience with JunOS (MX, QFX, SRX preferred).
• Proficiency with additional network OS platforms (e.g., EOS, NX-OS, IOS-XE) is a plus.
• Strong troubleshooting across routing, switching, TCP/IP, asymmetric paths, latency, packet loss, MTU/fragmentation, and QoS behaviors.
• Experienced with hybrid cloud and cloud-native networking across AWS, Azure, and/or GCP.
• Hands-on automation skills using Python, Ansible/AWX, configuration templating, Git workflows, and automated testing/validation pipelines.
• Strong understanding of network security controls, boundary protection, encryption, logging, and segmentation concepts required for FedRAMP.
• Familiarity with firewalls, VPNs, DDoS mitigation, IDS/IPS, and NIST 800-53-based security frameworks.

• Strong incident leadership skills, able to coordinate cross-functional teams under pressure.
• Excellent written and verbal communication across Architecture, Product, Security, Compliance, Operations, and Build teams.
• Ability to mentor and elevate peers and junior engineers.
• Effective in fast-paced environments with competing priorities and regulatory constraints.
• Strong analytical thinking, structured problem-solving, and continuous-improvement mindset.
• Reinforces a positive culture and demonstrates our expectation to "be kind."