Senior Network Engineer

Menlo Park, CA
Hillspire – IT Enterprise /
On-site
Apply for this job
Overview
We are seeking an experienced and highly skilled Senior Network Engineer to join our
Technical Services team. This role is ideal for a seasoned professional who thrives in a
hands-on environment, implementing, maintaining, and optimizing modern network
infrastructure.

You will be responsible for designing and supporting enterprise-grade network and security
systems, including next-generation firewalls, campus switching, and enterprise wireless. Your
expertise will help drive reliability, performance, and security through robust design,
automation, and disciplined change management.

This senior-level position requires deep technical knowledge of networking and network
security, particularly in Palo Alto Networks firewalls and Cisco/Meraki wired and wireless
environments.

Core Tools & Technologies

    • Vendors/OS: Palo Alto Networks (PAN-OS & Panorama), Cisco (IOS), Meraki, SonicWall (SonicOS, NSM), Ruckus

    • Protocols: BGP, STP, LACP, 802.1X (EAP), IPsec/SSL VPN, QoS, DNS/DHCP, NAT, IPv6, LACP/EtherChannel, MC-LAGG/vPC

    • Security Features: Malware Prevention, Anti-Spyware, Antivirus, Vulnerability Protection, File Blocking, Data Filtering, DNS Security, DoS/DDoS Protection, Zone Protection, Micro-Segmentation/ACLs, Zero-Trust Networking (ZTNA)

Key Responsibilities

    • Network Implementation: Configure and deploy LANs, WANs, and wireless networks,
    • including switches, firewalls, access points, and supporting hardware/software.

    • Wireless & Wired Network Management: Oversee the lifecycle of Cisco switching and Meraki wireless infrastructure, including deployment, configuration, tuning, and capacity planning.

    • Troubleshooting & Performance: Serve as a senior escalation point for all network-related issues. Perform advanced troubleshooting and root cause analysis (RCA) to ensure availability and performance.

    • Firewall & Network Security: Manage and maintain Palo Alto Networks NGFWs and Panorama. Develop and implement robust security policies, NAT rules, and threat prevention strategies.

    • Documentation & Collaboration: Maintain comprehensive network documentation and collaborate cross-functionally to deliver projects and resolve issues effectively.

Mandatory Qualifications (in order of importance)

    • Cisco / Meraki Expertise
    • Extensive hands-on experience with Cisco IOS and Meraki switches and access points.
    • Deep experience designing, deploying, and operating Meraki MR wireless solutions, including Dashboard administration, RF optimization, and 802.1X authentication.
    • Mastery of core network concepts: VLANs, trunking, STP, inter-VLAN routing, LACP/EtherChannel, MC-LAGG/vPC, DHCP Snooping, BPDU Guard.
    • 7–10+ years of experience configuring and troubleshooting enterprise wired and wireless networks.

    • Advanced Troubleshooting Skills
    • Proven ability to diagnose complex network issues using tools such as Wireshark/TCPDump, ping, and traceroute.
    • Strong preference for candidates with CCNP- or CCIE-level wireless troubleshooting expertise.
    • Demonstrated ability to troubleshoot NGFW policy and feature set issues (e.g., URL Filtering, DNS Security, Threat Prevention, Data Filtering, App-ID, User-ID).

    • Communication Skills
    • Exceptional written and verbal communication skills.
    • Ability to clearly articulate complex technical concepts to both technical stakeholders (architects, SMEs) and non-technical audiences (executives, directors).

    • Palo Alto Networks Expertise
    • Proven experience managing, configuring, and troubleshooting Palo Alto NGFWs and Panorama.
    • Strong knowledge of HA, templates, device groups, and best-practice implementation of full NGFW feature sets.
    • 3–5+ years of experience configuring and operating Palo Alto Networks NGFWs.

Desired Qualifications

    • Certifications
    • Cisco Certified Network Professional (CCNP)
    • Palo Alto Networks Certified Network Security Engineer (PCNSE)

    • Additional Technical Experience
    • Familiarity with SonicWall firewalls and/or Ruckus wireless systems.
    • Strong understanding of BGP, route maps, and redistribution profiles.
    • Experience with Palo Alto’s Advanced Routing Engine (ARE) and multi–virtual router topologies.
    • Hands-on experience with 802.1X, RADIUS, PKI, DNS, and related technologies.
    • Experience with network automation tools such as Ansible, Terraform, Jinja2, and PAN XAPI.

Why Join Us

    • You’ll be part of a small, high-impact team responsible for mission-critical infrastructure across multiple sites. This role offers the opportunity to work with cutting-edge technologies, shape architectural standards, and contribute to a high-performance, security-focused network environment.
$200,000 - $235,000 a year
This is an exempt role.
Apply for this job
Jobs powered by Lever logo