Principal Network Engineer

Job Description

Job Description

About the organization
A well-established, community-focused financial institution headquartered in the Bay Area, known for its personalized banking services and long-standing commitment to local communities. The organization offers a full range of financial products including personal and business banking, mortgage lending, and wealth management. It distinguishes itself through relationship-based service, local decision-making, and support for regional economic growth through philanthropic initiatives and community engagement.

Position Overview
The Principal Network Engineer will design, implement, and manage complex network infrastructures. This position requires strong experience with Cisco and Palo Alto firewalls, SD-WAN using Meraki, routing and switching, load balancing (F5), and network design for multi-datacenter environments, including hybrid Azure Cloud solutions. As the Principal Network Engineer, you will play a key role in ensuring the stability, security, and scalability of the network, while adhering to regulatory standards and modern best practices.

Roles and Responsibilities

Network Architecture & Design:

• Lead the design and architecture of network infrastructure for multi-datacenter and hybrid Azure Cloud environments.
• Ensure high availability, scalability, and resilience of networks across on-premise and cloud environments.
• Design and implement advanced routing and switching solutions using Cisco technologies.

Firewall & Security:

• Configure, manage, and optimize Palo Alto and Cisco firewalls to ensure comprehensive security and compliance. This includes knowledge of the following:
• IPSec VPN
• DMVPN
• Network Address Translation (NAT)
• SSL VPN
• Packet inspection/access rules

Detailed knowledge of Cisco network infrastructure

• Traditional Cisco Networking
• Catalyst/Nexus switching
• Routing (IOS/IOS-XE)
• EIGRP
• BGP
• Other routing protocol
• Firmware Management
• Develop and implement network security strategies, incorporating firewall rules, access controls, and threat detection.
• Integrate network security tools and solutions to monitor, detect, and mitigate threats across both datacenter and cloud environments.
• SD-WAN with Meraki:
• Design and manage SD-WAN solutions using Cisco Meraki, optimizing performance and security for remote and branch office connectivity.
• Ensure reliable and secure connectivity between multiple datacenters, cloud environments, and remote locations using SD-WAN technologies.

Hybrid Cloud Networking (Azure):

• Design, implement, and manage network infrastructure in Azure Cloud environments, ensuring secure and seamless integration with on-premise systems.
• Implement secure connectivity solutions between Azure, on-premise systems, and other cloud platforms.
• Utilize VPN, ExpressRoute, and other secure networking solutions to maintain high availability and security across hybrid environments.

Load Balancing & Traffic Management:

• Design, configure, and manage F5 load balancers to optimize traffic distribution, performance, and availability.
• Implement global traffic management and local load balancing solutions for highly available systems.

Disaster Recovery & Automation:

• Automate network disaster recovery processes for datacenter and cloud environments, ensuring rapid failover and business continuity.
• Implement and manage disaster recovery strategies using automation tools and industry best practices.

Network Security & Compliance:

• Oversee the implementation of robust security measures across the network, including firewalls, encryption, and access control.
• Working knowledge of Cisco specific security access - Cisco Secure ACS (TACACS/TACACS+/AAA) or similar (Cisco Identity Services Engine [ISE])
• Ensure the network infrastructure complies with industry regulations such as PCI, SOX, and GDPR.
• Stay updated on modern security frameworks and proactively implement security improvements.

Monitoring & Troubleshooting:

• Implement and manage advanced network monitoring and troubleshooting tools to ensure network health and performance. Examples of specific required technologies
• Experience with currently used Network Monitoring Technology
• SolarWinds Orion
• Network Performance Manager (NPM) – Monitoring and alerting/reporting
• Network Configuration Manager (NCM) – Configuration/change mgt.
• Network Traffic Analyzer (NTA) – Netflow/traffic flow analysis
• Simple Network Management Protocol (SNMP) version 2 and 3
• WireShark or other packet capture/decode solution (sniffer
• Lead root cause analysis for network performance issues and implement solutions to prevent future occurrences.

Collaboration & Leadership:

• Work closely with security, cloud, and systems teams to ensure cohesive network design and security policies.
• Provide leadership and mentorship to junior network engineers and operational teams.

Qualifications

• Bachelor's degree in Computer Science, Engineering, or a related field (Master’s preferred).
• Minimum of 8-10 years of experience in network engineering, with a focus on Cisco, Palo Alto firewalls, SD-WAN (Meraki), F5, routing, switching, and network design.
• Proven experience in highly regulated environments such as banks, financial institutions, or government sectors.
• Strong experience in Azure Cloud networking is required, including Azure VPN, ExpressRoute, and hybrid connectivity.
• Experience with AWS and GCP networking is preferred.
• Expertise in designing and managing multi-datacenter and hybrid cloud network solutions (Azure required).
• Strong experience in firewall management and network security tools such as Palo Alto, Cisco ASA, or similar technologies.
• Proficiency in routing protocols (e.g., BGP, OSPF) and switching technologies.
• Strong experience with SD-WAN solutions using Cisco Meraki.
• Experience in load balancing solutions, particularly F5 LTM and GTM.
• Strong experience in automating network operations and disaster recovery processes.
• In-depth knowledge of network security protocols and standards, including encryption, VPNs, and access control.
• Excellent problem-solving and communication skills with the ability to work cross-functionally.
• Relevant certifications (e.g., CCNP, CCIE, PCNSE, F5, Meraki, Azure Networking certifications) are highly desirable.
• Hands-on experience with AWS and GCP networking.
• Experience with SDN (Software Defined Networking) and network automation tools.
• Experience in managing multi-location, enterprise-scale environments.
• Familiarity with Agile methodologies and DevOps principles for network operations.
• #FBIndeed

Powered by JazzHR

vf9NY1Czr5