Network Engineer

We are launching a comprehensive initiative to modernize network architecture across corporate offices, branch locations, and manufacturing plants. This project focuses on standardizing LAN and edge designs, upgrading firewall security platforms, and simplifying IT/OT segmentation through a migration to Prisma SD-WAN. The Senior Network Engineer will execute a standardized Core/Distribution/Access model to improve scalability and performance. Key objectives include: Gateway Migration: Moving select VLAN gateways from firewalls to Core Switch SVIs to optimize traffic flow. Security Refresh: Replacing legacy PA-440 firewalls with PA-1420 platforms. Segmentation: Optimizing OT network environments with dedicated IT/OT core switching and reduced firewall zone complexity. SD-WAN Standardization: Transitioning edge infrastructure from VeloCloud to Prisma SD-WAN. 1. Firewall & Security Infrastructure Perform physical rack, cable, and power installation of new PA-1420 units. Execute complex configuration migrations involving security zones, NAT, VPNs, and granular policies. Enable dynamic routing and validate overall system health post-migration. 2. LAN & SVI Gateway Migration Configure VLANs and SVIs on IT/OT core switches to handle routing locally. Update routing tables across the firewall and SD-WAN environment. Test and validate inter-VLAN routing and critical application connectivity. 3. SD-WAN Deployment (VeloCloud to Prisma) Rack and provision Prisma ION devices. Migrate active WAN circuits while validating tunnels, security policies, and failover redundancy. Decommission and inventory legacy VeloCloud equipment. 4. Deployment & Validation Conduct site readiness checks and device staging. Lead cutover execution during designated maintenance windows to minimize business impact. Perform exhaustive testing, including failover validation, IT/OT segmentation checks, and user connectivity verification.