Skip to content
Call +1.424.284.2574
Home > Careers > Network Engineer L2

Network Engineer L2

,

Relevant Experience: 5 -7 years

About the Role

  • Our IT team is a critical pillar of our operations, ensuring seamless technology integration and high-performance infrastructure. We are seeking a versatile Network Engineer L2 who combines deep networking expertise with a security-first mindset. This role manages our core network environment while serving as the primary backup for our private cloud and directory services.

Key Responsibilities

1. Network Administration & Connectivity

  • Aruba Ecosystem: Lead the configuration, monitoring, and optimization of Aruba/Cisco Switches and Wireless Access Points.
  • WLAN Management: Design, deploy, and troubleshoot enterprise WLAN configurations, including SSID management, RF optimization, and captive portal integration. Should be an expert in authentication types like PEAP, EAP-TLS, WPA2/WPA3 Enterprise
  • Edge & Connectivity: Manage Internet Leased Lines (ILL), implement complex NAT (Network Address Translation) strategies, and maintain internal/external DNS records.
  • Advanced Protocols: Troubleshoot and optimize the TCP/IP stack, routing tables, and complex Subnetting architectures (VLSM/CIDR).
  • Uptime & SLA Management: Take ownership of network Uptime SLAs, ensuring 99.9% availability through proactive monitoring, redundancy planning, and rapid incident response.

2. Network Security & Access Control

  • Firewall Administration: Configure and maintain Next-Generation Firewalls (FortiGate/PaloAlto)
  • Security Policy Management: Design, implement, and maintain granular policies, NAT, and QoS for least privilege and network optimization. Regularly audit and optimize rule bases.
  • Application Control: Utilize deep packet inspection (App-ID/Application Filtering) to identify and control applications regardless of port, blocking high-risk applications while enabling business-critical ones.
  • Content and Web Filtering: Configure URL filtering and content inspection to prevent access to malicious sites, enforce acceptable use, and integrate threat intelligence.
  • Threat Prevention (IPS/IDS): Deploy and tune the Intrusion Prevention System (IPS) and Anti-Malware features, minimizing false positives, monitoring alerts, and neutralizing threats.
  • VPN Configuration and Maintenance: Implement and maintain Site-to-Site IPsec and Remote Access SSL/IPsec VPNs, ensuring high availability and robust authentication (e.g., 2FA).
  • Monitoring, Logging, and Reporting: Configure centralized logging (FortiAnalyzer/Panorama/Syslog). Proactively monitor performance, traffic, and security logs for anomalies and capacity issues. Generate regular security and compliance reports.
  • High Availability (HA): Configure and maintain firewalls in Active-Active or Active-Passive HA clusters for maximum uptime and business continuity.
  • VPN Management: Configure and maintain secure VPN solutions (Site-to-Site and Client-to-Site), ensuring high availability and troubleshooting encryption or tunnel stability issues.
  • Identity Management: Administer and troubleshoot Network Access Control (NAC) policies using Cisco-ISE and Aruba ClearPass.
  • Traffic Analysis: Utilize Wireshark for deep-packet analysis to resolve latency, intermittent connectivity, or security anomalies.
  • Vulnerability Management: Conduct regular Network Scanning and internal VAPT (Vulnerability Assessment and Penetration Testing) to proactively identify and remediate risks.

3. Infrastructure Support :

  • Private Cloud: Provide secondary administration for Cloudstack, including VM snapshots, resource allocation, and storage networking.
  • Directory Services: Assist in managing Active Directory (AD), including User/Group management, Group Policy Objects (GPO), and DHCP role maintenance.

4. Compliance & Documentation :

  • Standards: Ensure all infrastructure configurations align with ISO27001 and SOC2 control requirements.
  • ISMS Support: Maintain high-fidelity network diagrams, asset registers, and SOPs for audit readiness.

Required Qualifications

  • Education: Bachelor’s degree in Computer Science, BCA, or a related technical field.
  • Experience: 6-7 years in a Network/System Engineer role with hands-on experience in Aruba and Cisco ecosystems.
  • Technical Tooling: Proficiency in Wireshark, Nmap, Nessus, or similar diagnostic tools.
  • Virtualization: Familiarity with Proxmox, VMware, or KVM-based platforms.
  • Certifications: CCNA/CCNP or Aruba Certified (ACSA/ACSP) is a strong plus.

Desired Skills

  • Analytical Thinking: A “root-cause” approach to troubleshooting that looks beyond the surface level of a ticket.
  • Security Mindset: A “security-by-design” approach to every configuration change or subnet expansion.
  • Effective Communication: Strong verbal and written English for documenting complex technical procedures and interacting with the ISMS team.
Apply