Senior Network Engineer

RESPONSIBILITIES:
Kforce has a client that is seeking a Senior Network Engineer. Salt Lake City, UT is preferred; Open to remote work for well-qualified US-based candidates.

Overview:
We are seeking a Senior Network Engineer to design, secure, operate, and continuously improve enterprise and site networking services across a complex, multi-site environment. This role owns network availability, performance, and security across LAN/WAN/Wi-Fi, Internet and edge security, and core network services (DNS/DHCP/IPAM).

The ideal candidate is a hands-on senior engineer who thrives in complex environments, leads troubleshooting efforts, and partners closely with Cybersecurity, Infrastructure, Cloud, and OT/Operations teams to deliver resilient, secure connectivity. This role requires the ability to lead initiatives end-to-end-from requirements and design through implementation, documentation, and knowledge transfer.

Key Responsibilities:
Operations & Reliability:
* Operate and support campus, branch, and data center networks, including switching, routing, wireless, and WAN/Internet edge services
* Ensure high availability and performance through redundancy, capacity planning, proactive monitoring, and rapid incident response
* Lead major incident (P1/P2) troubleshooting, root cause analysis (RCA), and problem management
* Manage core network services including DNS, DHCP, IPAM, NTP, and certificate/PKI dependencies (in partnership with IAM/PKI teams)

Security & Compliance:
* Implement and maintain network security controls including firewalls, VPNs, secure routing, AAA (RADITACACS+), management plane security, and device hardening
* Support vulnerability remediation, secure configuration baselines, audits, and evidence collection
* Design and maintain segmentation strategies (VLAN/VRF, SD-WAN segmentation, firewall zones, micro-segmentation where applicable)

REQUIREMENTS:
* 10+ years of progressive network engineering experience in enterprise or multi-site environments
* Deep expertise in TCP/IP networking, routing protocols (BGP, OSPF, EIGRP), and switching technologies (VLANs, STP, LACP)
* Hands-on experience with firewalls and secure remote access, including policy design, NAT, site-to-site VPNs, and remote access VPNs
* Proven experience with network segmentation and access control (VLAN/VRF design, NAC/802.1X, ACLs)
* Strong troubleshooting skills using packet capture and systematic fault isolation techniques
* Ability to produce clear technical documentation (as-built diagrams, runbooks) and lead effective knowledge transfer
* Availability to collaborate regularly with Australia-based teams, including late afternoon and evening US hours

Tools & Technologies (Keyword Alignment):
* Routing & Switching: Cisco IOS-XE/NX-OS, Junos, Arista EOS
* Firewall & Security: Palo Alto, Fortinet, Cisco ASA/FTD, Check Point; IPsec/SSL VPN
* Wireless: Cisco (WLC/Catalyst), Aruba, Juniper Mist, Meraki
* Network Services: DNS/DHCP/IPAM (Infoblox or equivalent), NTP, RADITACACS+
* Monitoring & Telemetry: SolarWinds, LogicMonitor, PRTG, ThousandEyes, SNMP, NetFlow/sFlow, syslog

Preferred Qualifications:
* Industry certifications such as CCNP (Enterprise or Security); CCIE or equivalent strongly preferred
* SD-WAN design and operational experience (Cisco Viptela/Meraki, Fortinet, Palo Alto, Aruba/EdgeConnect, Juniper/Mist, or similar) and SASE familiarity
* Cloud networking exposure (Azure VNets, AWS VPCs, VPN, ExpressRoute, Direct Connect, transit routing patterns)
* Network automation experience using Ansible, Python, Terraform, and Git-based workflows
* Experience supporting regulated, safety-critical, or industrial environments; Familiarity with OT/industrial segmentation concepts is a plus

The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.

We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.

Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.

This job is not eligible for bonuses, incentives or commissions.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.