Senior Network & Security Engineer Location: New York Tri-State Area (NYC / Northern NJ / FairfieldWestchester CT) Work Model: Hybrid 3 days on-site at primary data-center campus in Midtown Manhattan or Secaucus NJ; 2 days WFH. Clearance: None required but ability to pass a Tier 2 public-trust background check is a must. Travel: < 10 % (regional PoP / DR-site visits)About Us AITHERAS LLC is a customer-focused IT consulting firm delivering cost-effective mission-critical solutions since 2002. We specialize in Data Analytics Cloud Computing IT Engineering Application Development and Cyber Security. Based in Rockville MD were ISO 9001:2015 certified an SBA-designated Small Business and an MBE-certified firm by MDOT. We partner with over 100 clients to create scalable innovative solutions that drive success.What Youll Do
% Time
Responsibility
40 %
Design & Implementation Build and migrate segmentation zones VRFs and BGP/OSPF fabrics across Cisco Nexus 9K Juniper QFX/MX and Palo Alto PA-Series.
25 %
Security & Visibility Stand up TACACS/Cisco ISE for AAA integrate flow telemetry into Cisco Secure Network Analytics (StealthWatch) deploy taps/SPANs/Gigamon and tune IDS/IPS policies for OT & IT.
15 %
Automation Write and maintain Python/Ansible/Terraform pipelines (pyATS Nornir Jinja2) for golden-config generation compliance drift detection and CI/CD-based push-button rollouts.
10 %
Operations & Incident Response Serve as L3 escalation and join a 1-week-per-6 on-call rotation; own post-mortems and MTTR metrics.
10 %
Documentation & Mentoring Produce HLDs/LLDs MOPs and runbooks; coach junior engineers toward CCNP/PCNSE.
Must-Have Qualifications
8 years progressive experience in enterprise or service-provider networking.
Deep expertise configuring and troubleshooting BGP OSPF static routing VRFs VXLAN-EVPN.
Hands-on with Cisco Catalyst/Nexus & ASA/FTDJuniper EX / QFX / MX and Palo Alto NGFWs (Pan-OS 9/10).
Solid command of AAA (TACACS RADIUS) and production deployments of Cisco ISE or equivalent.
Practical experience deploying or operating flow-analytics / tap infrastructure (StealthWatch Gigamon NetFlow/IPFIX SPANs).
Comfort writing Python and Ansible playbooks; git-based workflows (GitLab/GitHub CI pipelines).
Familiarity with network IDS/IPS (Snort Zeek Palo Alto Threat Prevention) and SIEM workflows (Splunk QRadar).
Ability to create HLD/LLD diagrams in Visio or and present them to technical & business leadership.
U.S. work authorization and ability to commute to NYC area 3 week.
Nice to Have
CCNP Enterprise/Security PCNSE JNCIS-ENT/Sec or CCIE (R&S / Enterprise).
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.