Network Engineer (Mortgage Industry)

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Technology, or a related field — or equivalent hands-on experience
• 3–7+ years of network engineering experience in enterprise, multi-site, or hybrid cloud environments
• Deep understanding of TCP/IP, subnetting, routing, switching, VLANs, DNS, and DHCP
• Experience Cisco Catalyst, Nexus and Meraki switches
• Experience with BGP in enterprise or hybrid cloud environments
• Hands-on experience with firewalls, including rule creation, NAT, and VPNs
• Experience with load balancing technologies (NetScaler ADC Preferred) and network segmentation, including Zero Trust design principles
• Strong troubleshooting capability across Layer 1–7, including incident response, root cause analysis, and performance optimization
• Strong understanding of network security concepts: Zero Trust architecture, IDS/IPS, and DDoS mitigation
• Experience implementing secure segmentation across on-premises and cloud environments
• Hands-on experience with Palo Alto NGFW: security policy management, NAT, App-ID, User-ID, and Content-ID
• Experience configuring site-to-site and remote access VPNs using Palo Alto firewalls
• Experience with threat prevention, URL filtering, and WildFire services
• Experience using Panorama / Strata Cloud Manager for centralized firewall management
• Experience with Prisma Access (SASE), including remote user access, service connections, and identity integration (SAML, Azure AD)
• Experience with Strata Cloud Manager for policy management, visibility, logging, and analytics
• Understanding of Zero Trust Network Access (ZTNA) and modern SASE architectures
• Experience with network monitoring and troubleshooting tools: SolarWinds, and Wireshark
• Familiarity with SD-WAN and enterprise wireless networking (802.11 standards, controllers, access points)
• Strong communication skills with the ability to work across technical and non-technical teams
• Ability to document network architecture, standards, and operational procedures
• Strong analytical and problem-solving skills with attention to detail
• Ability to participate in on-call rotation as needed

Nice To Haves

• Azure Network Engineer Associate certification
• Palo Alto PCNSE certification
• Cisco CCNA / CCNP certification
• Strong experience with Azure networking: VNets, subnet design, and IP addressing strategies
• Experience configuring and managing NSGs, ASGs, and Azure Firewall policies
• Experience with Azure Load Balancer (Layer 4), Application Gateway (Layer 7), and Azure Front Door
• Experience designing hybrid connectivity: Site-to-Site VPN, Point-to-Site VPN, and ExpressRoute with BGP routing
• Experience with Private Endpoints, Private Link, VNet peering, hub-and-spoke architectures, and Azure Private DNS Zones
• Experience integrating PaaS resources with virtual networks (VNet integration, service endpoints)
• Experience using Azure Network Watcher, Connection Monitor, NSG flow logs, and packet capture
• Scripting experience in Python, PowerShell, or Bash for automation and operational efficiency
• Experience with IaC tools: Terraform, ARM templates, and Bicep
• Familiarity with YAML for configuration, pipelines, and automation workflows
• Experience with Azure landing zones and large-scale hub-and-spoke architectures
• Experience with enterprise SASE deployments
• Experience in DevOps / NetDevOps environments
• Familiarity with compliance frameworks such as NIST or ISO 27001

Responsibilities

• Review and update Palo Alto security policies, NAT rules, and App-ID/User-ID configurations
• Monitor threat prevention alerts, URL filtering hits, and WildFire submissions
• Manage VPN tunnels (site-to-site and remote access) — check tunnel status, address drops or mismatches
• Monitor NSG flow logs, Azure Network Watcher, and Connection Monitor for anomalies
• Review hub-and-spoke topology health — VNet peering, private endpoints, DNS resolution
• Check Azure Firewall policy hits and deny logs
• Implement and document approved network changes (firewall rules, VLAN changes, routing updates)
• Use Panorama/Strata Cloud Manager to push policy updates across managed firewalls
• Maintain and update network documentation (topology diagrams, runbooks, IP addressing)
• Respond to and triage network incidents — Layer 1–7 troubleshooting, root cause analysis
• Triage and prioritize incoming tickets from the service desk queue; assign severity and ownership
• Investigate and resolve network-related incidents (connectivity failures, latency, application access issues)
• Perform root cause analysis on recurring issues and document findings for problem records
• Update ticket status, add work notes, and communicate resolution steps to stakeholders
• Escalate complex issues to senior engineers or vendors with full diagnostic context (logs, captures, configs)
• Close resolved tickets with detailed resolution notes for knowledge base reuse
• Write or maintain PowerShell/Python/Bash scripts for operational tasks
• Update Terraform configs for infrastructure changes; validate and plan before apply
• Communicate with application, security, and helpdesk teams on connectivity issues
• Participate in on-call rotation; hand off or escalate as needed
• Attend change advisory or ops standup meetings

Benefits

• Salary of $110,000.00 to $130,000.00 total compensation annually