Lead Network Engineer -Azure Cloud First

Our client, a Boston-based investment manager, has an immediate need for a Sr. Network Engineer to serve as the lead for a cloud-first project utilizing Azure. Previous experience leading a migration project to a cloud-first environment within financial services or investment management is strongly preferred. This role will join a dedicated IT team and report to the Director of IT. The ideal candidate is detail-oriented, brings a positive and collaborative attitude, demonstrates a strong work ethic, and thrives in a dynamic environment where adaptability is essential. ResponsibilitiesNetwork Engineering

• Leads and contributes to the design, implementation, and continuous improvement of global network infrastructure.
• Partners with the Director of IT to shape and execute the corporate network roadmap and long-term planning strategy.
• Evaluates emerging technologies and recommends solutions that improve performance, security, and resiliency.

Network Operations

• Owns the management, maintenance, and monitoring of all network and telecommunications infrastructure across global locations.
• Primarily accountable for the uptime and reliability of the firm's global network.
• Drives the development and refinement of network monitoring, alerting, and reporting systems.
• Ensures all service disruptions are diagnosed and resolved within defined service level expectations.
• Manages patch and CVE remediation cycles for all critical network hardware and software.
• Performs root-cause analysis to identify and resolve underlying issues, not just symptoms.
• Maintains appropriate stock levels of infrastructure components (e.g., SFPs, cabling, rack supplies).

General Operational Support

• Willingness to step in and assist with broader operational support issues as part of a small, collaborative IT team.
• Serves as the helpdesk escalation point for any networking or security-related operational issues.
• Provides executive and residential network support on an as-needed basis., * Deep, hands-on Azure IaaS experience, including virtual networking, compute, and storage
• Azure networking components: ExpressRoute, VNet peering, Azure Virtual WAN, Network Security Groups, Azure Firewall, and Azure DNS
• SD-WAN integration with Azure cloud environments
• On-premise Data Center design and support
• Lead the design and implementation of a cloud-first operating model, including the migration of existing on-premises services into Azure

Monitoring & Observability

• Network health and performance monitoring platforms (currently LogicMonitor)
• Development of dashboards, alerting, and reporting workflows

Cybersecurity

• Strong understanding of microsegmentation concepts and hands-on management of existing microsegmentation tools and policies
• Manage and maintain an ongoing relationship with the firm's Managed SOC provider (Adlumin), including regular interfacing on alerts, incidents, and reporting
• Ability to step in and take full ownership of cybersecurity incidents, driving response and resolution from identification through remediation, alongside our current security vendors
• Continuously build upon and refine existing cybersecurity policies, staying current with the evolving threat landscape and industry best practices

Additional Preferred Experience

• Cisco Unified Computing System (UCS)
• Infrastructure and information security practices
• Scripting or automation skills (Python, Ansible, or similar) a plus

The successful candidate will have a proven track record and a strong professional reputation. Given the scope and criticality of this role, we are seeking a mature, experienced engineer who can operate with a high degree of autonomy. The ideal candidate will bring: Technical RequirementsWAN / LAN Infrastructure Expert-level proficiency in the implementation, management, and support of the following technologies:

• Global, highly available Cisco/Palo Alto WAN/LAN environments
• Dynamic routing protocols - OSPF and BGP
• LAN Switching - Spanning Tree, VLANs, EtherChannel/trunking, switch stacks
• Strong Data Center networking experience; Cisco ACI experience is a plus

Networking Fundamentals

• OSI Model, TCP/IP, IP addressing, and subnetting
• Network performance troubleshooting tools (e.g., Wireshark)

SD-WAN & Routing Platforms

• Meraki SD-WAN (MX platform)
• Integrated Services Routers
• Catalyst and Nexus switching platforms
• Internet circuit high availability (BGP/iBGP)

Firewall & Security

• NAT, security zones, ACLs, high availability/failover, IDS/IPS
• VPN - Remote Access and Site-to-Site
• Palo Alto NGFW experience strongly preferred

Wireless LAN

• Experience across multiple wireless platforms (Cisco, Aruba, Meraki, etc.)
• WLAN security - 802.1x and certificate-based authentication
• Experience with RADIUS and hosted RADIUS solutions
• Strong wireless troubleshooting skills

DNS

• DNS management - Internal (Windows AD-Integrated) and External, utilizing Cloudflare

WAN Circuits & ISP Management

• DIA, VPLS, Layer 2 Fiber, and EPL circuit implementation and troubleshooting
• ISP vendor management, * Deeply committed to the firm's network reliability, with availability to provide 24x7x365 support coverage
• Calm under pressure with the tenacity to resolve critical issues with urgency and sound judgment
• Excellent prioritization and time management skills, with a clear understanding of the firm's uptime expectations
• Relentlessly results-driven with a continuous improvement mindset
• Exceptional communication skills - equally effective with technical peers and non-technical stakeholders
• Self-motivated and capable of operating with autonomy in a lean team environment
• Strong leadership presence with the ability to mentor other team members and influence cross-functional partners
• Domestic and international travel required

Education Bachelor's degree in Computer Engineering, Computer Science, or a related field, and/or 7-10 years of equivalent professional experience. Relevant certifications (CCNP, PCNSE, or equivalent) strongly preferred.

150,000-160,000 + Bonus. On-site 3/2 Boston- NO C2C, Candidates must be eligible to work full-time for any employer in the US to be considered.