Cypress HCM
About the Role:
Our IT Network Engineering team designs, builds, and operates the enterprise network across offices, data centers, and AWS. As a Sr. Network Engineer, you’ll lead core network design/upgrades, deliver reliable AWS connectivity, automate with infrastructure as code, and mentor teammates. You’ll be accountable for availability, performance, and security across a multi-vendor stack. On-call is required.
Duties:
Design and implement network changes across Bay Area sites and global locations (campus, data center, WAN/SD-WAN, remote access, cloud interconnects).
Architect and operate AWS networking: multi-account VPCs, Transit Gateway, Direct Connect, VPN, endpoints/PrivateLink, Route 53, ALB/NLB, security groups/NACLs, segmentation guardrails.
Build infrastructure as code (Terraform): reusable modules, CI/CD pipelines, automated pre/post-change validation, drift detection.
Lead advanced L2–L7 troubleshooting; drive incidents to resolution and root cause across on-prem and AWS.
Apply SRE practices: define SLIs/SLOs/alerts, participate in and lead on-call, run incident response and postmortems, maintain runbooks and dashboards.
Partner with Security, SRE/Infra, Workplace, and other IT teams; lead design reviews and cross-functional projects.
Document architectures and operational procedures; mentor junior engineers.
Primary platforms:
AWS
Palo Alto Networks (PAN-OS, Panorama, GlobalProtect, URL/Threat, DNS Security)
Juniper Networks (EX/QFX, EVPN/VXLAN, Junos)
Cisco Meraki (MX/MS/MR, SD-WAN)
Cisco Wi-Fi (Catalyst/9800, RF design), 802.1X
Infoblox (DNS/DHCP/IPAM, API automation)
Tooling: Terraform, Git/GitHub, Ansible/Nornir, Python/Go, CloudWatch, Datadog (or similar)
How you’ll measure success:
Reliability: higher availability and lower MTTR for campus/core/AWS connectivity via defined SLIs/SLOs.
Safe velocity: automated, tested IaC pipelines; fewer change‑related incidents and less toil.
Delivery: on‑time multi‑site upgrades and AWS networking projects that move team OKRs.
Enablement: durable docs/runbooks and mentorship that uplevel the team.
Requirements:
5+ years designing and operating large-scale enterprise networks across hybrid environments (offices, data centers, AWS).
Deep L2/L3: BGP, OSPF/IS-IS, EVPN/VXLAN, routing policy, HA, QoS, NAT; strong packet-level troubleshooting.
Hands-on AWS networking (VPC, TGW, DX, VPN, Route 53, ALB/NLB, endpoints/PrivateLink, Flow Logs) and security guardrails.
Palo Alto Networks firewalls and Panorama: policy design, segmentation, GlobalProtect, threat services.
Juniper campus/data center and Cisco Meraki at scale; strong Cisco Wi-Fi design/operations.
IaC and automation: Terraform modules, code reviews, CI/CD; Python or Go; Ansible/Nornir; device/cloud APIs.
Observability and SRE fundamentals: SLIs/SLOs, alerting, incident response/on-call, postmortems, runbooks.
Clear communicator; strong ownership and accountability.
Preferred
Certifications: AWS Advanced Networking, PCNSE, JNCIP/JNCIE, CCNP/CCIE
Compensation:
$90 – 100/hr W-2
Req ID:
36534611