Sr. Network Engineer

• ​ Serve as the primary escalation point for complex network incidents, outages, and performance issues owing problems through to resolution with clear communication to stakeholders • ​ Provide expert guidance to internal engineers, MSP resources, and NOC personnel on architecture, troubleshooting methodology, and root cause analysis • ​ Lead post-incident reviews, drive root cause identification, and implement lasting remediations to prevent recurrence • ​ Evaluate complex vendor and MSP escalations; make technical decisions on design, tooling, and resolution approach • ​ Work with the Director of Network & Infrastructure to architect scalable, resilient, and secure network solutions across LAN, WAN, wireless, cloud, and building infrastructure • ​ Lead the design and evolution of network segmentation strategy including zero-trust principles, VRF separation, and secure OT/IT boundary enforcement • ​ Develop and maintain network infrastructure standards, reference architectures, and design patterns for consistent deployment across properties • ​ Evaluate emerging technologies and contribute to the long-term infrastructure roadmap, particularly around Palo Alto / Panorama, Aruba, and cloud connectivity platforms • ​ Design, deploy, and manage enterprise network infrastructure across BMS, IoT, Wi-Fi, PropTech, AV, security systems, corporate offices, and the Observatory • ​ Administer Palo Alto NGFWs via Panorama — policy management, threat prevention, VPN, NAT, and security profile lifecycle management • ​ Manage and optimize Aruba switching and wireless infrastructure including configuration, upgrades, RF planning, and troubleshooting via Aruba Central • ​ Own BGP, OSPF, VLANs, VPN, QoS, and DNS configurations across multi-site environments • ​ Manage WAN and ISP connectivity including failover design and carrier-level troubleshooting • ​ Support IoT and PropTech deployments in a secure manner with a focus on building systems, access control, and sustainability technology • ​ Lead network security posture improvements including firewall policy lifecycle, ACL governance, and vulnerability remediation • ​ Administer Zscaler ZIA and ZPA — URL filtering, SSL inspection, cloud firewall rules, and app connector management • ​ Manage Proofpoint email security platform including anti-spam, anti-phishing, encryption, and threat response policies • ​ Administer BitSight to track, triage, and coordinate remediation of external security posture findings • ​ Maintain PCI-DSS and SOX compliance through adherence to and enforcement of network policies and procedures • ​ Collaborate with the MSSP on security monitoring, threat analysis, and incident response • ​ Ensure timely application of patches, hotfixes, and firmware upgrades across all network equipment • ​ Administer Okta for SSO/SAML/OIDC, MFA enforcement, and user lifecycle management including SCIM provisioning and deprovisioning • ​ Manage Conditional Access Policies and integrate identity platforms with Palo Alto User-ID, Zscaler IdP federation, and Azure AD • ​ Design and manage Microsoft Azure cloud networking including hybrid connectivity, VNet architecture, NSGs, and Azure Firewall • ​ Support Microsoft 365 and Exchange Online from a network and connectivity perspective including split tunneling and optimization • ​ Support IAM and PAM platforms as they relate to network access control and privilege governance • ​ Manage physical server infrastructure, rack equipment installation, and data center operations including cabling, power, and cooling • ​ Administer building riser infrastructure and ensure secure integration of IT and OT devices on segregated network segments • ​ Support VMware vSphere virtual networking environments and server resource management • ​ Oversee SAN/NAS storage networking and business continuity / backup technologies • ​ Drive network monitoring strategy and tooling to ensure proactive alerting and performance trending across the full infrastructure estate • ​ Author and maintain high-quality documentation including topology diagrams, configuration baselines, SOPs, and runbooks • ​ Contribute to business continuity and disaster recovery procedures; develop, test, and maintain failover runbooks • ​ Adhere to change management and PMO best practices for all infrastructure changes; manage project milestones with clear stakeholder communication

• Prolonged periods of sitting at a desk and working on a computer • Must be able to lift up to 15 pounds at times

• Competitive base salary and bonus • Health/Dental/Vision insurance • Company sponsored Life, AD&D, STD (with Salary Continuation), and LTD Insurance • Voluntary Enhanced LTD Program • Voluntary Hospital, Accident, and Cancer Programs • 401(k) with 100% match up to 5% • Paid parental leave • Pre-tax transit accounts • Employee Assistance Program for emotional, financial, and legal support