Senior Network Engineer

Role: Senior Network Engineer

Location: The Woodlands TX (Onsite) - Only Locals

Duration: Contract To Hire

Client: Chicago Bridge and Iron

USC/GC

Only Locals

Job Description:

The Senior Principal Technology Specialist Senior Network Engineer addresses complex high-impact challenges by combining strategic vision with hands-on expertise. An expert in data communications and network security the Senior Principal Technology Specialist architects secures and scales data and firewall solutions while guiding the direction and resource allocation of projects and programs.

This Individual Contributor role reports directly to the Director Information Technology Infrastructure and routinely interacts with Global IT Business Leads Project Management Engineering and Operations.

Responsibility:

• Develop and execute a strategic vision for the enterprise and data center networks security perimeters and telecommunications environments by leveraging innovative technologies implementing industry best practices and driving continuous improvement to optimize service delivery and elevate customer satisfaction.
• Design configure implement and maintain secure scalable and resilient network infrastructure firewalls security perimeters wireless networks cloud environments third-party integrations security tools SASE and supporting auxiliary systems such as monitoring DHCP and DNS.
• Collaborate with IT teams cross-functional teams and third parties to gather business requirements assist with business plan development and implement technologies such as integrated innovative network infrastructure security controls cloud solutions and applications while ensuring seamless and future-ready operation across the organization.
• Execute a wide range of network and security initiatives including deploying and integrating technologies across the global enterprise to securely manage data traffic flows and access management for systems and applications.
• Engineer deploy and operate monitoring tools to enable visibility control proactive mitigation system health and operational effectiveness.
• Analyze network performance data and implement strategies to optimize system performance such as bandwidth utilization network throughput routing call quality hardware and software turning application filtering and response times.
• Design and implement predictive and preventive system maintenance techniques including lifecycle management strategies.
• Design and implement integration services with Third-Party Systems IAM cloud services next generation firewalls DNS services WAF CDN and SaaS.
• Adapt leading security frameworks NIST CIS ISO CSA and CB&I specific security controls to enhance cybersecurity effectiveness.
• Develop and implement robust security policies processes and technology systems specific to network firewalls security perimeters and telecommunications domains in collaboration with the Cybersecurity team.
• Develop review maintain and disseminate comprehensive and accessible documentation including configuration details changes troubleshooting guides standard operating procedures business processes and runbooks to ensure operational clarity and compliance.
• Leverage network cybersecurity and telecommunications governance expertise and infrastructure frameworks to develop and enforce policies and procedures that support continuous improvement and compliance.
• Serve as a subject matter expert within your area of responsibility mentoring members of the global IT organization delivering technical and operational cross-training and providing advanced support for problem-solving and root cause analysis.
• Collaborate with Disaster Recovery (DR) and Business Continuity stakeholders to design implement and maintain comprehensive disaster recovery plans and strategies ensuring continuous availability and resilience of network firewall security perimeter and VoIP/telephony services during outages natural disasters or cybersecurity incidents

Qualifications:

• Minimum bachelors degree in computer science Computer Engineering Management Information Systems or related field or equivalent work experience.
• Preferred 15 or more years of LAN/WAN enterprise and data center network routing switching and wireless experience.
• Minimum 8 years designing configuring and maintaining Palo Alto or Cisco firewall policies security rules NAT VPNs (IPSec/SSL) and application-based filtering
• Security appliance experience integrating firewalls and security solutions with (SIEM IDPS/IPS and Threat intelligence) centralized firewall administration and policy orchestration using tools such as Panorama and conduct rule base and configuration reviews ensuring audit and control compliance.
• Minimum 4 years of cloud network and infrastructure technologies experience
• Experience designing configuring and implementing unified communications a plus. VoIP Telephony on-prem and cloud conference systems third-party telephony integration SIP and PSTN.
• Preferred certifications or equivalent: Cisco CCNP Enterprise or Security PCNSE MS Azure Network Network
• In-depth experience designing implementing maintaining and troubleshooting converged global network infrastructure consisting of Cisco IOS NXOS 802.1x BGP OSPF EIGRP MPLS VPNs DMVPN SD-WAN Access List LAN WAN firewalls SASE and wireless.
• Experience configuring and using networking and security tools such as NetBrain ThousandEyes SecureCRT Wireshark MS Visio PRTG Infoblox IP Fix aggregator and log collector.
• Experience planning and migrating acquisitions divestitures on-premises systems SaaS facilities firewalls and cloud services.
• Experience diagnosing and resolving network firewall application flow and telecommunication issues including hardware and software failures connectivity problems and performance bottlenecks using network diagnostic tools and techniques.
• Ability to deliver illustrative design solution documentation that outlines guidance on licensing physical architecture logical configuration checklist application inventory security policy protection phases and basic administration including system configuration baseline and security policy configuration baseline.
• Proven ability to perform network architectural design modeling engineering implementation migration technical refresh upgrades and lifecycle services for the data center security systems and Cloud enterprise network infrastructure.
• Extensive experience supporting network services and products which include but are not limited to routers switches firewalls web application firewalls load balancers DNS email gateways proxy services VPN Local Area Network (LAN) Wide Area Network (WAN) and protocols cryptographic devices associated device software and firmware diagnostic tools and automation systems.
• Experience configuring and deploying TACACS Cisco DNAC Cisco ISE Cisco Prime SD-WAN load balancer WAF Palo Alto Panorama or similar centralized firewall and cloud security management.
• Cisco Routers experience: ISRand 8300.
• Palo Alto firewall deployment and configuration: Palo AltoPanorama Layer 7 app control and threat prevention IP Sec Tunnel Global Protect and policy rule template and template stack.
• Cisco Switches experience:series & Cisco Nexus 7k 5k and 2k switches.
• Wireless experience: Cisco AP & WLC Aruba AP & WLC Meraki AP Meraki MG cellular wireless
• SD-WAN and SASE experience: Cisco Meraki MX Palo Alto Prisma SD-WAN Cisco Secure Access Secure Connect
• Routing Protocol experience: BGP OMP EIGRP RIP MP-BGP VRF Redistribution and Static Routing.
• Switching Protocol experience: STP RSTP PVSTP VTP VPC ARP FHRP HSRP VRRP GLBP VLAN VXLAN inter-VLAN routing.
• Supporting features services and security experience: IP Subnetting VLSM VLAN DHCP DNS NAT PAT IP Sec ACL VRF VSS QoS VXLAN SSH LDAP integrations DNS Filtering 802.1x MAC Authentication ACLs and Certificate.
• History of delivering tier 3 and tier 4 support and acting as an escalation point across enterprise and data center networks telecommunication and cloud services.
• Delivering configuration and build patterns for TCP/IP networking as well as Cloud Load Balancers Application gateway Security Groups VNETs/Subnets VPN Gateways Private links/endpoints ExpressRoute Route tables DNS traffic manager and NAT configuration.
• Experience managing diagnosing and resolving Internet circuits WAN MPLS point-to-point network SIP Trunk and SIP services.
• Familiarity with external and internal audit processes regarding IT designs services and configuration changes.
• Proficiency and knowledge of automation tools and scripting languages (e.g. Python PowerShell/Automate)
• Experience in the regular evaluation of LAN WLAN WAN firewall security zones telephony systems cloud environments enterprise network and data center infrastructure performance ensuring optimal operation by proactively troubleshooting issues and implementing solutions that minimize downtime.

Skills and Behaviours:

• In addition to providing technical leadership build and nurture strong partnerships across business engineering security and operations teams consistently upholding the organizations vision core values and business principles.
• Proactively embraces and promotes the companys values and culture including diversity & inclusion and a healthy and safe work environment
• Strong knowledge of hardware and software configuration using hands-on and scripting. Systems in scope include network hardware and software on perm and cloud firewalls telecommunication cloud services third-party integrations and security tools.
• Strong assessment and analytical expertise to interpret outputs from monitoring and reporting tools to enable proactive identification of potential problem areas and implement targeted solutions to mitigate risks before they affect operations.
• Extensive knowledge in the design implementation and life cycle management of seamless communication across multiple platforms. Communication requirements include video teleconferencing (VTC) systems telecommunication networks security controls cloud environments and SaaS services.
• Strong knowledge of networking concepts network virtualization technologies such as SDN (Software-Defined Networking) and virtual private networks (VPNs) protocols and technologies including TCP/IP IP Sec DNS DHCP BGP LAN/WAN routing switching and wireless networks
• Strong understanding of security controls and boundaries includes the ability to design and implement security boundaries cloud versus on-premises firewalls advantages and disadvantages of SASE service SDWAN application layer filtering and malware protection and difference between SEIM and logging.
• In-depth understanding of network security principles and best practices including firewalls intrusion detection systems access controls encryption techniques enterprise and data center networks cloud infrastructure DNS filtering WAF VoIP third-party integration and Wireless.
• Strong knowledge of OSI and TCP/IP reference models IP addressing IP Subnetting VLSM QoS VXLAN backup Micro-segmentation security zones security boundaries bandwidth efficiency high availability and redundancy.
• Strong knowledge of security principles design and implementation for MS Teams Telephony VoIP unified communications enterprise and data center network routing switching access methods and Wireless systems.
• Analytical problem-solving skills and attention to detail
• Must have excellent organizational project management and communication skills.
• Ability to work in a collaborative team environment and communicate complex technical concepts effectively.
• Must be able to successfully work on multiple projects simultaneously and work under tight deadlines in a results-oriented environment.
• Deliver exceptional customer service by combining strong customer focus with initiative-taking communication responsiveness and technical expertise.
• Successfully manage time and technical responsibilities set accurate expectations and meet deliverable deadlines while working in a team and information-sharing environment.
• Ability to think creatively and develop solutions quickly in critical environments.
• Leverages collaboration skills to solve problems with global peers across various functions.
• Possesses strong verbal & written communication skills in English with demonstrated experience in effectively speaking to all levels of the organization including executive level SMEs (Subject Matter Experts) and Principal Technologists.