AITHERAS, LLC
Senior Network & Security Engineer
Location: New York Tri-State Area (NYC / Northern NJ / FairfieldWestchester CT) Work Model: Hybrid 3 days on-site at primary data-center campus in Midtown Manhattan or Secaucus, NJ; 2 days WFH. Clearance: None required, but ability to pass a Tier 2 public-trust background check is a must. Travel:
About Us
AITHERAS, LLC is a customer-focused IT consulting firm delivering cost-effective, mission-critical solutions since 2002. We specialize in Data Analytics, Cloud Computing, IT Engineering, Application Development, and Cyber Security. Based in Rockville, MD, we're ISO 9001:2015 certified, an SBA-designated Small Business, and an MBE-certified firm by MDOT. We partner with over 100 clients to create scalable, innovative solutions that drive success. What You'll Do
40% Design & Implementation Build and migrate segmentation zones, VRFs, and BGP/OSPF fabrics across Cisco Nexus 9K, Juniper QFX/MX, and Palo Alto PA-Series. 25% Security & Visibility Stand up TACACS+ / Cisco ISE for AAA, integrate flow telemetry into Cisco Secure Network Analytics (StealthWatch), deploy taps/SPANs/Gigamon, and tune IDS/IPS policies for OT & IT. 15% Automation Write and maintain Python/Ansible/Terraform pipelines (pyATS, Nornir, Jinja2) for golden-config generation, compliance drift detection, and CI/CD-based push-button rollouts. 10% Operations & Incident Response Serve as L3 escalation and join a 1-week-per-6 on-call rotation; own post-mortems and MTTR metrics. 10% Documentation & Mentoring Produce HLDs/LLDs, MOPs, and runbooks; coach junior engineers toward CCNP/PCNSE. Must-Have Qualifications
8+ years progressive experience in enterprise or service-provider networking. Deep expertise configuring and troubleshooting BGP, OSPF, static routing, VRFs, VXLAN-EVPN. Hands-on with Cisco Catalyst/Nexus & ASA/FTD, Juniper EX / QFX / MX, and Palo Alto NGFWs (Pan-OS 9/10). Solid command of AAA (TACACS+, RADIUS) and production deployments of Cisco ISE or equivalent. Practical experience deploying or operating flow-analytics / tap infrastructure (StealthWatch, Gigamon, NetFlow/IPFIX, SPANs). Comfort writing Python and Ansible playbooks; git-based workflows (GitLab/GitHub, CI pipelines). Familiarity with network IDS/IPS (Snort, Zeek, Palo Alto Threat Prevention) and SIEM workflows (Splunk, QRadar). Ability to create HLD/LLD diagrams in Visio or draw.io and present them to technical & business leadership. U.S. work authorization and ability to commute to NYC area 3 week. Nice to Have
CCNP Enterprise/Security, PCNSE, JNCIS-ENT/Sec, or CCIE (R&S / Enterprise). Cisco Secure Network Analytics design experience (flow collector sizing, policy tuning). Prior exposure to industrial/OT networks (NIST 800-82, Purdue Model, SCADA segmentation). AWS or Azure Advanced Networking certification; Transit Gateway design experience. Experience with F5 LTM/GTM or Citrix ADC in low-latency trading or fintech environments. Source-of-truth & intent platforms (NetBox, Nautobot), RESTful API development, or Go/Rust scripting. What We Offer
Base Salary: FTE: 135K-140K or $90-$100 C2C/1099 FTE Benefits: 100% employer-paid medical / dental / vision, 401(k) 5% match, ESPP FTE Training: $3 k annual cert stipend, paid time for labs & conferences (Cisco Live, Palo Alto Ignite)
Location: New York Tri-State Area (NYC / Northern NJ / FairfieldWestchester CT) Work Model: Hybrid 3 days on-site at primary data-center campus in Midtown Manhattan or Secaucus, NJ; 2 days WFH. Clearance: None required, but ability to pass a Tier 2 public-trust background check is a must. Travel:
About Us
AITHERAS, LLC is a customer-focused IT consulting firm delivering cost-effective, mission-critical solutions since 2002. We specialize in Data Analytics, Cloud Computing, IT Engineering, Application Development, and Cyber Security. Based in Rockville, MD, we're ISO 9001:2015 certified, an SBA-designated Small Business, and an MBE-certified firm by MDOT. We partner with over 100 clients to create scalable, innovative solutions that drive success. What You'll Do
40% Design & Implementation Build and migrate segmentation zones, VRFs, and BGP/OSPF fabrics across Cisco Nexus 9K, Juniper QFX/MX, and Palo Alto PA-Series. 25% Security & Visibility Stand up TACACS+ / Cisco ISE for AAA, integrate flow telemetry into Cisco Secure Network Analytics (StealthWatch), deploy taps/SPANs/Gigamon, and tune IDS/IPS policies for OT & IT. 15% Automation Write and maintain Python/Ansible/Terraform pipelines (pyATS, Nornir, Jinja2) for golden-config generation, compliance drift detection, and CI/CD-based push-button rollouts. 10% Operations & Incident Response Serve as L3 escalation and join a 1-week-per-6 on-call rotation; own post-mortems and MTTR metrics. 10% Documentation & Mentoring Produce HLDs/LLDs, MOPs, and runbooks; coach junior engineers toward CCNP/PCNSE. Must-Have Qualifications
8+ years progressive experience in enterprise or service-provider networking. Deep expertise configuring and troubleshooting BGP, OSPF, static routing, VRFs, VXLAN-EVPN. Hands-on with Cisco Catalyst/Nexus & ASA/FTD, Juniper EX / QFX / MX, and Palo Alto NGFWs (Pan-OS 9/10). Solid command of AAA (TACACS+, RADIUS) and production deployments of Cisco ISE or equivalent. Practical experience deploying or operating flow-analytics / tap infrastructure (StealthWatch, Gigamon, NetFlow/IPFIX, SPANs). Comfort writing Python and Ansible playbooks; git-based workflows (GitLab/GitHub, CI pipelines). Familiarity with network IDS/IPS (Snort, Zeek, Palo Alto Threat Prevention) and SIEM workflows (Splunk, QRadar). Ability to create HLD/LLD diagrams in Visio or draw.io and present them to technical & business leadership. U.S. work authorization and ability to commute to NYC area 3 week. Nice to Have
CCNP Enterprise/Security, PCNSE, JNCIS-ENT/Sec, or CCIE (R&S / Enterprise). Cisco Secure Network Analytics design experience (flow collector sizing, policy tuning). Prior exposure to industrial/OT networks (NIST 800-82, Purdue Model, SCADA segmentation). AWS or Azure Advanced Networking certification; Transit Gateway design experience. Experience with F5 LTM/GTM or Citrix ADC in low-latency trading or fintech environments. Source-of-truth & intent platforms (NetBox, Nautobot), RESTful API development, or Go/Rust scripting. What We Offer
Base Salary: FTE: 135K-140K or $90-$100 C2C/1099 FTE Benefits: 100% employer-paid medical / dental / vision, 401(k) 5% match, ESPP FTE Training: $3 k annual cert stipend, paid time for labs & conferences (Cisco Live, Palo Alto Ignite)