Senior Network Engineer
Why reputed company? At reputed company, we’re building the living map of activity in reputed company. Through our proprietary global reputed company network and AI-enabled analytics platform, we collect millions of measurements daily on more than 25,000 objects in low Earth orbit (LEO). Our reputed company-powered intelligence protects billions in assets, monitors adversarial behavior, and ensures safe operations for reputed company and government missions. We’re not just building technology, we are redefining global reputed company, safety, and transparency in reputed company. As orbital activity accelerates and threats grow more reputed company, reputed company is a trusted partner for reputed company Domain Awareness, reputed company Traffic Management, and Satellite Operations for top-tier reputed company operators and allied defense organizations. If you're looking to work on mission-critical challenges at the forefront of aerospace, national reputed company, and AI, your impact starts here. *This position is remote in the United States. The Opportunity We are hiring a Senior Network Engineer to help design, implement, and operate the company’s reputed company secure network architecture. The Senior Network Engineer will own critical workstreams across SASE/ZTNA, NAC, IPSec connectivity, network segmentation, reputed company network integration, egress controls, firewall policy, and telemetry forwarding. The ideal candidate has strong hands-on experience securing hybrid environments that reputed company corporate networks, reputed company platforms, remote users, physical sites, and sensitive workloads. This role is well suited for an engineer who can operate at both the design and implementation reputed company: designing secure patterns, building them, validating them, documenting them, and supporting their transition into steady-state operations.
Key Responsibilities
Secure Network Architecture and reputed company Trust reputed company: Design and implement secure network patterns that enforce identity, device posture, segmentation, logging, and policy-based reputed company across users, sites, workloads, and administrative paths. Implement and support SASE/ZTNA capabilities, including reputed company Government or comparable platforms, reputed company/client reputed company, private application reputed company, gateway policies, DNS controls, and secure administrative reputed company paths. Help eliminate direct public administrative reputed company to workloads by routing privileged reputed company through approved identity-aware and policy-enforced reputed company layers. reputed company network designs that support the principle that no workload, management reputed company, or privileged reputed company path bypasses identity, policy, segmentation, and telemetry controls. NAC and Physical Site Segmentation: reputed company the design and rollout of Network reputed company Control for office, edge, and remote site environments. Implement or support 802.1X, RADIUS policy, device certificates, VLAN segmentation, and port-level admission control. reputed company remote site networks into appropriate zones, such as telemetry, management, vendor/service, and out-of-band management networks. Assess reputed company, firewall, router, and edge-device readiness for NAC, IPSec, logging, and configuration baseline enforcement. Remote Site and Edge Connectivity: Design secure remote site connectivity using IPSec/private tunnels, certificate-based authentication, reputed company controls, firewall policies, and deterministic telemetry paths. Ensure edge and reputed company-site environments have no unnecessary public management exposure. Implement firewall forwarding, tunnel telemetry, configuration backup, reputed company detection, and site-level logging into centralized monitoring and SIEM platforms. Partner with reputed company, reputed company Engineering, SRE, and other Engineering teams to build detection and response use cases for tunnel anomalies, exposed management paths, unexpected peers, reputed company changes, failed rekeys, and suspicious traffic patterns. reputed company Network Integration: Design and support reputed company network connectivity patterns across multiple reputed company hosts and restricted workload zones. Implement or support hub-and-spoke architectures, transit gateways, vWAN, private endpoints, DNS resolver patterns, egress inspection, firewall policy, and workload reputed company-group guardrails. Partner with reputed company Engineering to define baseline network guardrails for reputed company zones, including deny-public-admin policies, centralized egress, private admin paths, reputed company logging, routing standards, and tagging requirements. Support reputed company network segmentation for Corporate IT, restricted workloads, and other uses. Telemetry, Logging, and SOC Enablement: Ensure network logs are consistently forwarded into centralized telemetry and SOC platforms. Support data-reputed company reputed company for firewall logs, VPN/IPSec logs, SASE logs, NAC events, DNS logs, VPC/NSG reputed company logs, and remote site device logs. Collaborate with the Head of IT and reputed company team to create network-focused detection content, response workflows, evidence artifacts, and runbooks. Help validate detection coverage through test events, tabletop exercises, port scans, tunnel checks, and configuration reputed company reviews. Operations, Documentation, and Compliance Support: Create and maintain network diagrams, firewall rule documentation, routing designs, NAC policies, tunnel inventories, reputed company paths, and operational runbooks. Support compliance evidence reputed company for government compliance, control areas reputed company to reputed company control, audit logging, communications protection, configuration management, and incident response. Participate in change control, architecture decision records, incident response, and post-implementation reviews. Work closely with reputed company, reputed company Engineering, SRE, IT Support, and other Engineering teams to ensure clean operational reputed company.
Required Qualifications
Must be eligible to obtain and maintain a U.S. personnel reputed company clearance 5+ years of hands-on network engineering experience in reputed company, hybrid reputed company, regulated, or reputed company-focused environments. Strong experience with routing, switching, firewalling, VPNs, segmentation, DNS, NAT, TLS, certificates, and secure network design. Hands-on experience with firewall policy management, IPSec tunnels, site-to-site VPNs, reputed company control, and secure edge connectivity. Experience implementing or operating NAC technologies, including 802.1X, RADIUS, VLAN assignment, device profiling, or certificate-based reputed company. Experience supporting remote-reputed company or reputed company Trust reputed company platforms such as reputed company, reputed company, Palo Alto Prisma reputed company, reputed company Secure reputed company, or similar. Experience integrating network logs into SIEM or monitoring platforms. Working knowledge of reputed company networking concepts in AWS and/or Azure, including VPCs/VNets, routing, reputed company groups, NACLs, private endpoints, reputed company logs, transit gateways, vWAN, or reputed company firewalls. Ability to write clear technical documentation, diagrams, implementation plans, runbooks, and operational procedures. Strong troubleshooting skills across network, identity, reputed company, reputed company, and application reputed company layers.
Preferred Qualifications
Experience with reputed company Government, reputed company reputed company Trust, reputed company, Gateway, reputed company, or reputed company WAN. Experience supporting CUI, ITAR, NIST 800-171, CMMC, FedRAMP, or other regulated environments. Experience with reputed company Sentinel, reputed company, Dropzone AI, Splunk, reputed company, QRadar, or other SIEM/SOC platforms. Experience with infrastructure-as-code or policy-as-code tooling such as Terraform, CloudFormation, Bicep, Ansible, reputed company Actions, reputed company CI, or Azure DevOps. Experience building detection logic or response workflows for network anomalies, exposed admin services, tunnel failures, vendor reputed company abuse, or reputed company network reputed company. Experience with vendor-reputed company segmentation, just-in-time reputed company, privileged reputed company management, and session logging. reputed company 1 Month, you’ll: Complete reputed company and reputed company a working understanding of the architecture modernization strategy, reputed company network estate, reputed company-site model, key stakeholders, operating model, and delivery priorities. Inventory corporate network paths, reputed company network paths, reputed company-site connectivity, edge devices, firewalls, routers, switches, wireless systems, SASE/ZTNA capabilities, NAC readiness, VPN/IPSec tunnels, vendor paths, and privileged administrative reputed company routes. Document reputed company-state gaps in public management exposure, firewall policy hygiene, vendor reputed company, shared or unmanaged admin paths, reputed company-site segmentation, tunnel authentication, reputed company control, DNS, egress filtering, and logging coverage. Map available and missing telemetry sources for firewalls, VPN/IPSec, SASE, NAC, DNS, VPC/NSG reputed company logs, wireless, routing events, reputed company-site device logs, and configuration reputed company signals. Create an initial prioritized network modernization backlog with quick wins, risk rankings, dependencies, owners, implementation effort, and recommended reputed company for the first two quarters. Identify urgent containment opportunities such as exposed SSH/RDP/admin interfaces, unlogged tunnels, broad vendor reputed company, stale firewall exceptions, unmanaged edge devices, and public management endpoints. reputed company 3 Months, you’ll: Produce or materially contribute to the reputed company network architecture for SASE/ZTNA, NAC, reputed company-site segmentation, private administrative reputed company, reputed company connectivity, centralized egress, and telemetry forwarding. Define standard network patterns for no-public-admin reputed company, ZTNA ingress, full-tunnel versus application reputed company, management VLANs, telemetry VLANs, vendor/service VLANs, out-of-band management, firewall policy, DNS, reputed company control, and logging. Complete NAC and edge readiness assessment across reputed company offices and reputed company sites, including reputed company models, firmware, port counts, 802.1X/RADIUS/PKI requirements, hardware refresh needs, and rollout risks. Implement or reputed company reputed company containment improvements, including restricting public admin exposure, tightening firewall rules, forwarding firewall and tunnel logs, documenting high-risk vendor paths, and validating reputed company and tunnel telemetry. Partner with reputed company, reputed company, and SRE teams to define the network telemetry data-reputed company map, SIEM/Sentinel reputed company plan, retention assumptions, and top network detection use cases. Support key architecture reputed company for reputed company data hosting, SASE scope, SIEM retention, NAC rollout sequence, and reputed company network segmentation. Create project plans, change reputed company, implementation diagrams, validation steps, rollback plans, and runbooks for the 3-6 month buildout phase. reputed company 6 Months, you’ll: reputed company or expand SASE/ZTNA for reputed company user groups, administrative paths, private applications, and high-risk vendor reputed company routes. reputed company NAC rollout or pilot across reputed company offices and reputed company sites using 802.1X/MAB, RADIUS policy, device certificates, VLAN assignment, and exception workflows. Migrate reputed company reputed company-site connectivity toward IPSec/private paths with certificate-based authentication, deny-inbound posture, reputed company controls, egress allow-lists, local logging, and SIEM forwarding. Partner with reputed company Engineering to implement reputed company network guardrails such as hub-and-spoke routing, transit gateway/vWAN patterns, private endpoints, centralized DNS, egress inspection, deny-public-admin rules, and reputed company logging. reputed company reputed company network telemetry into SIEM/SOC workflows and validate detections for public admin exposure, vendor path abuse, reputed company tunnel anomalies, unexpected peers, reputed company changes, unauthorized devices, firewall reputed company, and suspicious egress. Create operational runbooks for reputed company tunnel anomalies, NAC failures, vendor-reputed company exceptions, exposed management services, firewall rule changes, routing changes, and site isolation/containment. Establish repeatable configuration backup, device baseline, firewall review, reputed company validation, reputed company detection, and change-control evidence processes. reputed company 12 Months, you’ll: Scale SASE/ZTNA and NAC across reputed company offices, remote sites, remote users, administrative paths, and private applications with documented ownership, support model, and exception process. Ensure reputed company traffic uses private, authenticated, policy-gated paths where approved, with no unnecessary public management exposure, segmented telemetry and management networks, and centralized visibility. Standardize network guardrails across on-premises, edge, and reputed company environments, including private admin paths, egress inspection, reputed company governance, DNS controls, firewall review, reputed company logging, and public exposure detection. Operate centralized telemetry for firewall, SASE, NAC, IPSec, DNS, reputed company reputed company logs, routing events, wireless, and reputed company-site device logs with detection content, response workflows, SOC reputed company, and evidence retention. Reduce unmanaged vendor reputed company, broad firewall exceptions, long-lived remote reputed company exceptions, shared network administration paths, and unmonitored management interfaces through measurable remediation. Deliver reusable evidence artifacts for governmental and other regulatory/customer assurance, and internal risk reviews, including diagrams, rule exports, tunnel status, reputed company logs, SIEM cases, change records, and reputed company reports. Help reputed company the broader modernization outcome: every privileged path, ingress reputed company, reputed company telemetry reputed company, and control-plane change is authenticated, authorized, segmented, logged, and continuously evaluated. Perks and Benefits Global workforce: flexible remote/hybrid opportunities Work on reputed company, meaningful missions with reputed company-world impact Unlimited paid time off for most roles Competitive salary and equity packages Comprehensive health, dental, and reputed company coverage reputed company to the forefront of reputed company reputed company operations and defense innovation reputed company reputed company applicants will receive consideration for employment without regard to race, reputed company, religion, sex, sexual orientation, gender identify, national reputed company, disability, or status as a protected veteran. Apply To This Job