Senior Network & Systems Engineer

We are seeking a highly skilled Senior Network and Systems Engineer to lead the architecture, implementation, and ongoing support of complex client network environments. This role is ideal for a seasoned professional who thrives on designing resilient networks, troubleshooting critical issues, hardening security at the edge, and producing exceptional documentation that drives consistency and compliance.

You will join a collaborative team supporting multi-client, multi-server environments where clarity, repeatability, and technical excellence are key. The ideal candidate combines deep networking expertise with strong firewall, VPN, wireless, and SD-WAN experience and a methodical approach to change management and documentation.

While the primary focus is networking, the successful candidate brings solid Windows Server and virtualization fundamentals - enough to confidently handle routine systems administration tasks and contribute on server-side work as needed., Network Architecture & Operations

• Design secure, scalable L2/L3 network architectures - routing, switching, VLAN segmentation, QoS, SD-WAN, and high availability.
• Configure, deploy, and manage enterprise routing and switching environments - ensuring performance, reliability, and security across multi-site client networks.
• Lead network design discussions across multi-client environments, including HLD/LLD diagrams, IP schemes, and VLAN plans.
• Troubleshoot complex network issues using packet analysis, telemetry tools, and structured root-cause methodology.
• Standardize configurations and rollout templates for repeatable, low-risk deployments.
• Plan and execute network change windows, firmware upgrades, and configuration backups.

Firewalls, VPN & Edge Security

• Design, deploy, and harden Fortinet firewalls (required), as well as other firewall platforms (Palo Alto, SonicWall, Cisco ASA) where present - policy management, NAT, IPsec/SSL VPN, IDS/IPS, segmentation, and identity-aware policies.
• Implement and maintain site-to-site VPN, client/remote-access VPN, and hybrid connectivity to Azure and AWS (ExpressRoute / Direct Connect concepts).
• Manage SIEM integrations, log forwarding, and security monitoring for network devices.
• Support compliance with frameworks such as HIPAA, CMMC, and PCI through proper hardening, logging, and documentation.

Wireless, SD-WAN & Network Access

• Design and manage enterprise Wi-Fi environments - wireless controllers, access points, SSIDs, and RF planning (primarily Ubiquiti, with some Meraki and other platforms as needed).
• Deploy and operate SD-WAN solutions (primarily Fortinet, with other platforms as needed) across client sites.
• Implement NAC / 802.1X and identity-aware network policies.

Server & Systems (Solid Secondary Skill Set)

• Comfortably handle routine Windows Server administration tasks - Active Directory user/group management, DNS, DHCP, Group Policy, and file/print services.
• Perform basic virtualization administration (VMware and/or Hyper-V) including VM provisioning, snapshots, and routine host checks.
• Support backup and disaster recovery operations - monitor BDR appliances and cloud replication jobs, triage failures, and assist with restores when needed.
• Contribute to cloud migration projects (primarily Azure, secondarily AWS and Zimcom-hosted environments) from the network and connectivity side.

Documentation & Compliance

• Produce detailed HLD/LLD diagrams, MOPs (methods of procedure), runbooks, and as-built documentation.
• Maintain configuration baselines, device inventories, change records, and standardized rollout templates.
• Use documentation tools to keep client environments current and auditable.

Collaboration & Support

• Partner with project managers, account teams, and the broader engineering team to deliver client outcomes on schedule.
• Serve as a senior escalation point for complex network, firewall, VPN, and wireless issues, and as a competent owner of routine server administration work.
• Participate in rotating on-call coverage and planned maintenance windows.
• Mentor junior engineers and contribute to internal standards, runbooks, and knowledge base.

Do you have experience in Wireless network deployment projects?, * 8+ years of hands-on network engineering experience (design + operations) in multi-site, multi-client environments.

• Deep proficiency in routing (BGP, OSPF, EIGRP), switching (L2/L3), VLANs, trunking, QoS, and inter-VLAN routing.
• Hands-on Fortinet firewall expertise (required) - policy management, NAT, IPsec/SSL VPN, segmentation, and IDS/IPS. Experience with Palo Alto, SonicWall, or Cisco ASA is a plus.
• Strong wireless experience - controllers, access points, and SSID design (Ubiquiti, Meraki, or similar).
• Working knowledge of hybrid cloud connectivity to Azure and AWS (site-to-site VPN, ExpressRoute / Direct Connect).
• Solid Windows Server and Active Directory fundamentals - ability to independently handle routine administration tasks (users, groups, DNS, DHCP, GPO, file/print).
• Basic virtualization administration with VMware and/or Hyper-V (VM provisioning, snapshots, routine host operations).
• Awareness of backup/disaster recovery concepts and BDR appliance-based backup with cloud replication, with the ability to support and triage routine backup issues.
• Strong troubleshooting, root-cause analysis, and diagnostic skills.
• Exceptional documentation skills and clear written/verbal communication.
• Ability to work onsite daily in Crestview Hills, KY.
• Willingness and ability to travel to client sites as needed for installations, troubleshooting, and project work.

Preferred

• Industry-recognized networking certifications.
• Experience with enterprise SD-WAN, wireless, and routing/switching platforms.
• Experience with identity-aware firewall policies.
• Microsoft Server or Azure certifications are a plus.
• Familiarity with VMware and/or Hyper-V.
• Experience with colocation/cloud providers.
• Familiarity with common IT documentation tools.
• Exposure to network monitoring and SIEM tools.
• Exposure to compliance/security frameworks (HIPAA, CMMC, PCI, NIST).
• Scripting and automation experience., * Have you worked in multi-client environments (MSP or similar) requiring strong documentation and change discipline?
• Are you deeply proficient in routing (BGP/OSPF/EIGRP), switching, VLANs, and QoS?
• Do you have hands-on Fortinet firewall administration experience (required), including VPN and segmentation?
• Do you have hands-on experience designing and supporting enterprise wireless and SD-WAN environments?
• Are you comfortable independently handling routine Windows Server, Active Directory, and virtualization administration tasks?

Experience:

• Firewall Administration: 5 years (Required)
• System administration: 3 years (Required)
• Virtualization: 2 years (Required)
• Network engineering: 8 years (Required)

Pulled from the full job description

• Parental leave
• 401(k)
• Health insurance
• 401(k) matching
• Paid time off
• Vision insurance
• Health savings account, * 401(k)
• 401(k) matching
• Dental insurance
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Parental leave
• Vision insurance