Job Description: Networking Engineer 3

About the Role

We're looking for a Senior Network Engineer to join our growing infrastructure team. In this role, you'll be the backbone of our cloud and on-premises network operations — designing, securing, and scaling the systems that power our business. If you thrive in complex cloud environments and have a passion for network security, we want to hear from you.

What You'll Do

• Design and manage cloud networking infrastructure across GCP and on-premises environments, including VPCs, subnets, VPC peering, Cloud Routers, and hybrid connectivity (VPN / Cloud Interconnect / Interconnect VPN Gateway).
• Architect and enforce network security policies — firewalls, IDS/IPS, ACLs, Zero Trust frameworks, and security group configurations across cloud and on-prem environments.
• Own VPC management end-to-end: IP addressing, CIDR planning, route tables, NAT gateways, and multi-account/multi-region architectures.
• Manage DNS and CDN infrastructure — zone management, split-horizon DNS, private resolvers, and CDN platform configuration for performance and reliability.
• Oversee service mesh operations using Istio/Envoy — traffic policies, mTLS enforcement, and observability within Kubernetes clusters.
• Lead network incident response, root cause analysis, and capacity planning to ensure high availability and performance.
• Collaborate cross-functionally with DevOps, Security, and Platform Engineering teams to support infrastructure-as-code and CI/CD pipelines.
• Define and document network standards, runbooks, and architecture diagrams.
• Mentor junior engineers and champion networking best practices across the organization.

What We're Looking For

Required:

• 7+ years of experience in network engineering, with at least 4 years in cloud networking (AWS, Azure, or GCP).
• Deep hands-on expertise with VPC design and connectivity mechanisms — VPC Peering, AWS Transit Gateway, VPN (Site-to-Site & Client), PrivateLink, and shared VPC architectures.
• Proven experience managing cloud-to-on-premises connectivity — Direct Connect, ExpressRoute, Cloud Interconnect, Cloud Routers, and Interconnect VPN Gateways for high-availability hybrid network architectures.
• Strong background in network security — firewalls (Palo Alto, Fortinet, or equivalent), WAFs, DDoS mitigation, Zero Trust, and segmentation strategies.
• Hands-on experience with service mesh technologies — Istio and Envoy proxy for traffic management, mTLS, observability, and east-west traffic control in Kubernetes environments.
• Solid DNS management skills — authoritative and recursive DNS, split-horizon DNS, Route 53 / Azure DNS / Cloud DNS, and private zone configurations.
• Experience managing CDN platforms (CloudFront, Akamai, Fastly, or equivalent) including cache policies, origin configurations, and performance optimization.
• Proficiency with protocols: BGP, OSPF, MPLS, IPSec, SSL/TLS.
• Strong understanding of IPv4 and IPv6 addressing, subnetting, and dual-stack (IPv4-IPv6) network design and transition strategies (6to4, NAT64/DNS64, tunneling mechanisms).
• Experience with Infrastructure as Code tools (Terraform, Ansible, or CloudFormation).
• Strong troubleshooting skills and comfort operating in a fast-paced, on-site environment.

Preferred:

• Relevant certifications: CCNP/CCIE, AWS Advanced Networking Specialty, Azure Network Engineer Associate, or PCNSE.
• Familiarity with network automation and scripting (Python, Bash).
• Experience with SIEM tools and network observability platforms (e.g., Datadog, Splunk, SolarWinds).