Network Engineer

Network Operations & Engineering

San Francisco, CA (Onsite)

12 months

• Configure, maintain, and troubleshoot Cisco Catalyst and Nexus switches, ISR/ASR routers, and related LAN/WAN infrastructure.
• Operate and optimize the Cisco SD-WAN fabric, including vManage, vSmart, vBond, and edge devices, across branch and data center sites.
• Manage Cisco firewalls (Firepower / FTD), including policy administration, VPN tunnels, NAT, and threat policy tuning.
• Administer F5 load balancers including virtual servers, pools, SSL, and certificate lifecycle.
• Support and enhance the Cisco wireless environment (Catalyst 9800 controllers, access points, RF design, guest and corporate SSIDs).
• Manage Forescout for network access control, device classification, posture assessment, and policy enforcement.

Cloud Networking (Azure)

• Design and operate Azure networking components including Virtual Networks (VNets), Virtual WAN (vWAN), ExpressRoute circuits and gateways, VPN gateways, route tables, and peerings.
• Configure and maintain Azure Firewall, Network Security Groups (NSGs), and related cloud security controls.
• Implement hybrid connectivity between on-premises sites and Azure, ensuring resilient, performant, and secure traffic paths.
• Partner with cloud engineering teams to support landing zones, hub-and-spoke architectures, and segmentation models.

Monitoring, Automation & Assurance

• Use Cisco Catalyst Center (formerly DNA Center) for fabric management, assurance, software image management, and automated provisioning.
• Leverage Cisco Nexus Dashboard for visibility, fabric operations, and lifecycle management of data center switching.
• Use Forward Networks for intent-based network verification, path analysis, change validation, and compliance checks.
• Develop and maintain infrastructure-as-code modules (Terraform, Ansible) and Python scripts to provision, validate, and standardize on-prem and Azure network configurations, with changes version-controlled in Git.
• Use AI coding assistants and AIOps features (e.g., Cisco AI Assistant, Forward Networks AI features, GitHub Copilot, Claude) to accelerate troubleshooting, code generation, configuration review, and documentation.

Incident, Change & Project Delivery

• Serve as a tier-2 escalation point for incidents, performing root cause analysis and driving issues to resolution.
• Plan, document, and execute changes following established change management processes, including back-out planning.
• Contribute to network projects such as site builds, refreshes, migrations, and segmentation initiatives.
• Maintain network documentation, diagrams, IPAM records, and standard operating procedures.
• Participate in an on-call rotation for production support.

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent practical experience.
• 3-6 years of hands-on enterprise network engineering experience.
• Strong working knowledge of Cisco switching (Catalyst, Nexus) and routing (ISR/ASR), including VLANs, STP, OSPF, BGP, EIGRP, HSRP/VRRP, QoS, and multicast fundamentals.
• Production experience with Versa or Cisco SD-WAN.
• Hands-on experience administering Cisco firewalls (Firepower or FTD).
• Experience with Cisco wireless (Catalyst 9800 or AireOS controllers and modern access points).
• Working knowledge of Forescout or a comparable NAC platform (Cisco ISE, Aruba ClearPass).
• Experience with Azure networking, including VNets, ExpressRoute, Virtual WAN, and Azure Firewall.
• Familiarity with monitoring and assurance tools such as Cisco Catalyst Center, Cisco Nexus Dashboard, and Forward Networks (or equivalent).
• Solid understanding of TCP/IP, DNS, DHCP, NAT, VPN, TLS, etc
• Strong analytical, documentation, and communication skills.
• Working experience with infrastructure as code for network or cloud environments (Terraform required; Ansible or equivalent declarative tooling a plus), including Git-based change workflows.
• Proficiency with Python and REST APIs for automating network operations against vendor controllers (e.g., Catalyst Center, vManage, Azure Resource Manager, F5).
• Experience leveraging AI tools to accelerate productivity: regular use of AI coding assistants (e.g., Claude, GitHub Copilot, Cursor) and vendor AI assistants for code generation, troubleshooting, and documentation, with judgment about when output requires verification.

Preferred Qualifications

• Cisco certifications such as CCNP Enterprise, CCNP Security, or CCNP Data Center.
• Exposure to data center technologies including VXLAN/EVPN, Nexus 9K fabrics.
• Experience supporting Zero Trust, micro-segmentation, or SASE initiatives.
• Experience building or operating AIOps pipelines, model context protocol (MCP) integrations, or custom LLM-assisted workflows for network or infrastructure operations.
• Experience working in ITIL-aligned environments with formal change and incident management.

Work Environment

• On-site presence required at San Francisco HQ office.
• Participation in an after-hours and weekend on-call rotation.
• Occasional travel to remote sites may be required for project delivery or troubleshooting.