Senior Network Engineer, W2 Contract, Hybrid
Description:
Our client is seeking a Senior Network Engineer to own the design, operation, and continuous hardening of the enterprise network and perimeter security environment. This role leads day-to-day network operations across LAN, WAN, and Wi-Fi, administers and optimizes firewalls and site-to-site VPNs, and partners closely with Cybersecurity and Operations. The ideal candidate is hands-on with troubleshooting, performance tuning, and automation, while shaping standards and guardrails that keep the environment resilient and compliant.
Design, implement, and maintain secure network architectures across on-premises, cloud, and hybrid environments
Own capacity planning, high availability, and performance optimization using advanced monitoring and telemetry
Lead complex troubleshooting across routing, tunnels, NAT, BGP, OSPF, EVPN, QoS, VLAN segmentation, Wi-Fi, internet circuits, inter-site connectivity, and remote access
Administer enterprise firewalls and VPN gateways; maintain secure configurations that deny all inbound traffic unless by approved exception
Oversee the full firewall rule lifecycle including intake, business justification, review, approval, implementation, logging, monitoring, and periodic recertification
Ensure all administrative access is logged and monitored; remediate findings in partnership with Cybersecurity
Partner with Cybersecurity and GRC to align controls with cybersecurity policy, contribute to risk assessments, and support incident response
Drive disciplined change, configuration, and release processes with rollback planning and post-change validation
Automate repetitive tasks (configuration baselines, ruleset checks, backups) using infrastructure-as-code and scripting (Ansible, Terraform, Python)
Build actionable dashboards, runbooks, and diagrams; maintain complete and auditable network inventories and rule repositories
Operate and tune enterprise firewall platforms (Palo Alto experience strongly preferred)
Manage carrier and OEM relationships; evaluate and implement cost-effective network and security enhancements
Provide mentorship, lead incident bridges, and communicate clearly during planned changes and outages
Required Qualifications
Bachelor’s Degree in Information Technology, Computer Science, Engineering, or related field
7–10+ years of enterprise networking experience with hands-on ownership of firewalls and site connectivity
Deep expertise in routing and switching (BGP, OSPF, EVPN), VPNs (IPsec, SSL), NAT, segmentation, and network security architectures (zero trust/perimeter controls)
Proven experience managing large firewall environments including rule governance, logging/SIEM integration, and audit/compliance cycles
Proficiency with network automation and scripting (Ansible, Terraform, Python)
Experience with observability tools such as SolarWinds, NetFlow, SNMP, synthetic monitoring, and packet capture
Strong incident leadership, root cause analysis, and stakeholder communication skills
Preferred Qualifications
Certifications such as CCNP/CCIE, PCNSE (Palo Alto), JNCIP/JNCIE, NSE (Fortinet), or equivalent
Experience in multi-site data center environments
Background in regulated or critical infrastructure environments with formal change and configuration management
Key Competencies
Ownership and accountability under pressure
Strong cross-functional collaboration with Cybersecurity and Operations
Clear written and verbal communication with both technical and non-technical stakeholders
Benefits:
Health Insurance
Sick time
401k
Pay Range: $60.00 - $70.00 per hour (Depending on experience and qualifications)
By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from HEPCO, Inc and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, marital status, national origin, age, veteran status, disability, or any other protected class.