Senior Network Engineer (CCIE or equivalent)
Senior Network Engineer (CCIE or equivalent)
Posted on :
02-10-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Pathway is hiring a Senior Network Engineer (CCIE or equivalent) in Markham to architect implement and optimize multi-site hybrid (data center cloud) networks for internal and client environments. You will own HLD/LLD lead migrations and operations and partner with security to deliver high-availability secure and scalable solutions aligned to business objectives
Type of Position: Permanent Full-time on-site five days a week
Availability on call/ after office hours
Key Responsibilities
Network Engineering
Security Engineering & Compliance
Consulting Ownership & Collaboration
Required Qualifications
Preferred Skills
Type of Position: Permanent Full-time on-site five days a week
Availability on call/ after office hours
Key Responsibilities
Network Engineering
- End-to-end design of resilient LAN/WAN/WLAN/SD-WAN/data center and hybrid cloud interconnects (hub-and-spoke EVPN/VXLAN IPv6 QoS multicast where applicable).
- HLD/LLD ownership: diagrams BoM IP plans routing policies config standards/runbooks.
- Implementation & migrations: plan and execute greenfield builds cutovers upgrades with rollback plans.
- Routing & switching: expert policy design/troubleshooting for BGP/OSPF/IS-IS ECMP VRFs ACLs L2/L3 segmentation.
- Wireless: enterprise WLAN planning/optimization (surveys RF design 802.1X).
- Cloud networking (Azure-first): vNet/vWAN designs Private Link/Endpoints Route Server ExpressRoute Azure Firewall/WAF/App Gateway Bastion; on-prem to cloud connectivity and segmentation.
- Observability & SRE: SNMPv3 NetFlow/IPFIX/sFlow streaming telemetry syslog; SLI/SLO dashboards; capacity planning and performance tuning.
Security Engineering & Compliance
- Network security controls: NGFW/IPS WAF DDoS VPN/ZTNA micro-segmentation (ACLs/VRFs/host-based) secure web/DNS.
- Access & segmentation: 802.1X/NAC and posture checks; privileged access boundaries; PKI/cert lifecycle for network services.
- Zero-Trust & SASE: identity-aware access secure edge policy-as-code; align with SOC/SIEM for telemetry (flows DNS firewall).
- Compliance & RCA: map controls to ISO 27001/SOC 2/HIPAA/PHIPA as applicable; lead RCAs and maintain hardening baselines.
Consulting Ownership & Collaboration
- Translate business requirements into clear designs and options; present to stakeholders and obtain sign-off.
- Keep diagrams inventories as-builts and runbooks current.
- Partner with PMO/operations to meet SLAs/OLAs; participate in escalation rota and maintenance windows.
- Mentor engineers; review changes for quality/risk.
Required Qualifications
- Certification: CCIE (any track) or equivalent expert-level certification (e.g. Fortinet NSE 7/8 Palo Alto PCNSE Juniper JNCIE) or demonstrable expert-level experience.
- Experience: 8 years in network engineering with 3 years leading complex multi-site or multi-tenant designs/migrations.
- Deep expertise in routing/switching (BGP OSPF/IS-IS MPLS/EVPN QoS) and enterprise WLAN.
- Hands-on with network security (NGFW/IPS VPN/ZTNA NAC/802.1X segmentation) and integrating logs with SIEM.
- Cloud networking: experience with Microsoft Azure (vNet/vWAN ExpressRoute Private Link Azure Firewall/WAF/App Gateway); familiarity with other clouds is a plus.
- Excellent client-facing communication and documentation (HLD/LLD/runbooks/change notes).
Preferred Skills
- MSP/consulting background with multi-tenant operations and SLA ownership.
- Fortinet ecosystem: FortiGate FortiManager FortiAnalyzer SD-WAN IPsec/SSL VPN ZTNA EMS FortiNAC WLAN/AP/switch integration.
- Cisco ecosystem: Catalyst/Nexus SDA/ACI SD-WAN (Viptela) ISE/802.1X ASA/FTD Meraki switching/Wi-Fi/SD-WAN.
- Azure security integrations: Defender for Cloud Sentinel Azure Monitor/Log Analytics NSGs/ASGs Policy.
- Packet capture & protocol analysis: expert with Wireshark (display filters TLS/SSL TCP retransmits/latency VoIP/RTP 802.11) plus tcpdump dumpcap and (nice-to-have) CloudShark/Zeek.
- ITIL change/problem; disciplined incident and post-incident processes.
- EVPN/VXLAN leaf-spine service-mesh; observability (Prometheus/Grafana) and capacity modeling.
- Familiarity with SASE/SD-WAN/ZTNA patterns across multiple vendors (e.g. Palo Alto Check Point Zscaler Cloudflare Aruba/Juniper/Arista).
Required Experience:
Senior IC
Employment Type
Full-Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
