Network Engineer - Onsite Albany, NY

· Provide Network Engineering support for all network segments and applications.

· Act as L1/2 escalation for P1/P2 incidents; lead triage, stabilization, and post-incident RCA with clear corrective actions.

· Troubleshoot routing, switching, wireless, firewall, load balancing, and VPN issues across multi-vendor environments.

· Optimize performance (QoS, congestion control, path selection) and reduce chronic incident recurrence.

· Own changes from design review through implementation and validation, aligning with ITSM/ITIL change control and documentation.

· Collaborate with InfoSec on risk assessments, hardening, and compensating controls.

· Manage and optimize connectivity to public cloud (Azure/AWS): ExpressRoute/Direct Connect, hybrid routing, private endpoints.

· Support SD-WAN, traffic steering, and cloud edge security integration.

· Maintain robust observability (SNMP, flow telemetry, synthetic tests, packet captures, logs, NPM/APM tools).

o Utilize NPM tools (e.g., SolarWinds, ThousandEyes), packet capture (Wireshark), NetFlow/sFlow/IPFIX, syslog/SIEM - or similar tools

· Build automation for configuration compliance and repeatable changes (e.g., Ansible/Netmiko/Python), including templating and guardrails.

· Author and maintain network standards, runbooks, validated configurations, and diagrams (as-built/target state).

· Execute ITIL processes (Incident, Problem, Change, Configuration Management) with precise records suitable for audits.

· Partner with OT, Lab IT, Manufacturing, Application, and Security teams to deliver solutions aligned to business and regulatory needs.

· Ability to rack/stack equipment and work in data center/lab/manufacturing areas with appropriate PPE.

· Work with cross-functional teams to design solutions for expanding connectivity while maintaining overall network performance and integrity.

· Experience: 2-4 years' relevant network experience and/or with network related certification(s) (e.g. CCNA) - desirable but not required.

· Routing/Switching: Knowledge of IPv4/IPv6, OSPF, BGP, EIGRP, HSRP/VRRP, STP/RSTP/MST, MLAG/VPC, ECMP, multicast fundamentals.

· Technology: Experience with Cisco (Catalyst/Nexus/Meraki) required - Juniper, Arista; SD-Access; OT protocols and segmentation ae a plus.

· Knowledge of routing and switching protocols (BGP, OSPF, EIGRP).

· Data Center: Experience with spine-leaf/fabric designs; familiarity with VXLAN/EVPN and L2/L3 overlays.

· Wireless/NAC: Enterprise WLAN (controllers, RF design, WPA2-Enterprise/802.1X), NAC (e.g., Cisco ISE), role-based access policies.

· SD-WAN: Policy-based path selection, application steering, HA design, integration with cloud edges.

· Load Balancing: F5/NGINX/AVI or equivalent for L4-L7 services, TLS offload, persistence, health monitors.

· Cloud Networking: Azure VNets, VNet peering, Private Link/ExpressRoute; AWS VPCs, TGW, Direct Connect; hybrid routing and security patterns.

· Experience with zero-trust network principles, micro-segmentation platforms, and certificate/PKI operations.

· Observability: Hands-on with NPM tools (e.g., SolarWinds, ThousandEyes), packet capture (Wireshark), NetFlow/sFlow/IPFIX, syslog/SIEM.

· Automation/Scripting: Practical experience with Ansible and Python for network tasks (templates, compliance checks, bulk updates).

· Process: ITIL familiarity and disciplined change management in 24x7 production settings.

· Soft Skills: Clear communicator, calm under pressure, able to lead incidents and influence cross-functional teams.

This role may require access to export-controlled commodities and technology. Therefore, to conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.