Logo
Cypress HCM

Senior Network Engineer

Cypress HCM, San Jose, California, United States, 95199

Save Job
About the Role: Our IT Network Engineering team designs, builds, and operates the enterprise network across offices, data centers, and AWS. As a Sr. Network Engineer, you’ll lead core network design/upgrades, deliver reliable AWS connectivity, automate with infrastructure as code, and mentor teammates. You’ll be accountable for availability, performance, and security across a multi vendor stack. On call is required. Duties: Design and implement network changes across Bay Area sites and global locations (campus, data center, WAN/SD WAN, remote access, cloud interconnects). Architect and operate AWS networking: multi account VPCs, Transit Gateway, Direct Connect, VPN, endpoints/PrivateLink, Route 53, ALB/NLB, security groups/NACLs, segmentation guardrails. Build infrastructure as code (Terraform): reusable modules, CI/CD pipelines, automated pre/post change validation, drift detection. Lead advanced L2–L7 troubleshooting; drive incidents to resolution and root cause across on prem and AWS. Apply SRE practices: define SLIs/SLOs/alerts, participate in and lead on call, run incident response and postmortems, maintain runbooks and dashboards. Partner with Security, SRE/Infra, Workplace, and other IT teams; lead design reviews and cross functional projects. Document architectures and operational procedures; mentor junior engineers. Primary platforms: AWS Palo Alto Networks (PAN OS, Panorama, GlobalProtect, URL/Threat, DNS Security) Juniper Networks (EX/QFX, EVPN/VXLAN, Junos) Cisco Meraki (MX/MS/MR, SD WAN) Cisco Wi Fi (Catalyst/9800, RF design), 802.1X Infoblox (DNS/DHCP/IPAM, API automation) Tooling: Terraform, Git/GitHub, Ansible/Nornir, Python/Go, CloudWatch, Datadog (or similar) How you’ll measure success: Reliability: higher availability and lower MTTR for campus/core/AWS connectivity via defined SLIs/SLOs. Safe velocity: automated, tested IaC pipelines; fewer change‑related incidents and less toil. Delivery: on‑time multi‑site upgrades and AWS networking projects that move team OKRs. Enablement: durable docs/runbooks and mentorship that uplevel the team. Requirements: 5+ years designing and operating large scale enterprise networks across hybrid environments (offices, data centers, AWS). Deep L2/L3: BGP, OSPF/IS IS, EVPN/VXLAN, routing policy, HA, QoS, NAT; strong packet level troubleshooting. Hands on AWS networking (VPC, TGW, DX, VPN, Route 53, ALB/NLB, endpoints/PrivateLink, Flow Logs) and security guardrails. Palo Alto Networks firewalls and Panorama: policy design, segmentation, GlobalProtect, threat services. Juniper campus/data center and Cisco Meraki at scale; strong Cisco Wi Fi design/operations. IaC and automation: Terraform modules, code reviews, CI/CD; Python or Go; Ansible/Nornir; device/cloud APIs. Observability and SRE fundamentals: SLIs/SLOs, alerting, incident response/on call, postmortems, runbooks. Clear communicator; strong ownership and accountability. Preferred Certifications: AWS Advanced Networking, PCNSE, JNCIP/JNCIE, CCNP/CCIE Compensation: $90 – 100/hr W—2 Req ID: 36534611