Senior Network & Systems Engineer

Job Title: Senior Network & Systems Engineer Location: Miami, FL (On-site with multi-site support)
Salary: $175,000 + benefits
Reports To: VP of IT
Job Number: 7367

Position Overview

The Senior Network & Systems Engineer is responsible for the architecture, performance, security, and lifecycle management of the organization s enterprise network and Microsoft infrastructure environment.

This role serves as the technical authority for Cisco Meraki networking, Windows Server systems, virtualization platforms, and identity services. In addition to operational oversight, this position leads infrastructure modernization initiatives, security hardening efforts, and strategic technology planning.

While a third-party provider supports cybersecurity monitoring and compliance activities, this role provides internal technical leadership for secure architecture design, segmentation strategy, and risk mitigation.

This is a senior-level engineering role requiring strong design capabilities, operational discipline, and cross-functional leadership.

Core Responsibilities

Network Architecture & Engineering

• Own the design and lifecycle management of Cisco Meraki environments (MX security appliances, MS switching, MR wireless).
• Architect and maintain scalable LAN/WAN topologies including VLAN segmentation, routing strategy, SD-WAN policy design, QoS optimization, and resilient VPN architectures.
• Design secure remote access strategies (AutoVPN, client VPN, MFA integration).
• Lead WAN strategy including ISP redundancy, bandwidth planning, failover validation, and performance optimization.
• Establish wireless architecture standards including RF planning, enterprise authentication (802.1X), and secure guest network segmentation.
• Maintain and optimize monitoring systems (SNMP, syslog, telemetry, baselining).

Systems Engineering & Microsoft Environment

• Architect and maintain Microsoft Server environments including:
  • Active Directory (multi-site replication, GPO strategy)
  • DNS/DHCP architecture
  • Certificate services
• Lead Microsoft 365 architecture and hybrid identity integration (Entra ID).
• Ensure network readiness and QoS optimization for Teams, VoIP, and collaboration services.
• Oversee VMware infrastructure including host lifecycle management, storage integration, and HA strategy.
• Develop PowerShell automation for administration, reporting, and configuration validation.
• Lead infrastructure lifecycle planning and upgrade roadmaps.

IT Security & Risk Management

While monitoring may be outsourced, this role provides internal engineering ownership of secure infrastructure design.

• Design and maintain network segmentation strategy aligned with least-privilege principles.
• Oversee firewall rule governance and change control.
• Tune IDS/IPS configurations in coordination with third-party security teams.
• Implement and maintain secure remote access controls (MFA, certificate-based auth, NAC concepts).
• Lead vulnerability remediation efforts across network and server infrastructure.
• Support incident response investigations from an infrastructure standpoint.
• Maintain logging, retention, and audit evidence practices.
• Participate in compliance and audit preparation (e.g., NIST-aligned controls, SOC-related reviews if applicable).
• Perform periodic security posture reviews and recommend architecture improvements.

Operational Leadership

• Own network and systems change management processes.
• Lead major incident response for infrastructure-related outages.
• Mentor junior IT staff and provide technical guidance.
• Maintain detailed infrastructure documentation including diagrams, standards, and runbooks.
• Coordinate vendors including ISPs, hardware providers, and security partners.
• Participate in executive-level reporting on infrastructure health and risk posture.

Required Qualifications

• 7 10+ years of progressive network and systems engineering experience.
• Advanced hands-on experience with Cisco Meraki (MX/MS/MR) in enterprise production environments.
• Deep understanding of:
  • TCP/IP, routing protocols, VLAN design
  • SD-WAN architecture
  • VPN technologies
  • Wireless enterprise design
• Strong Microsoft infrastructure experience:
  • Active Directory architecture
  • Hybrid identity (Entra ID)
  • Microsoft 365 integration
• VMware infrastructure engineering experience.
• Strong PowerShell scripting and automation skills.
• Experience leading vulnerability remediation and infrastructure hardening initiatives.
• Proven ability to architect and document enterprise-grade solutions.
• Strong written and verbal communication skills.

Preferred Qualifications

• Meraki ECMS certification or equivalent.
• Microsoft certifications (Azure Administrator, Identity-related certifications).
• Experience with 802.1X, RADIUS (NPS), NAC solutions.
• Experience with Azure networking (VNets, VPN Gateway, ExpressRoute concepts).
• Experience supporting regulatory or compliance-driven environments.

What Success Looks Like (First 6 12 Months)

• Documented, optimized, and standardized network architecture.
• Reduced infrastructure-related security risk exposure.
• Improved WAN resilience and wireless reliability.
• Mature change management and documentation processes.
• Clear multi-year infrastructure modernization roadmap.
• Improved collaboration performance metrics (Teams, VoIP).
• Strong partnership with third-party cybersecurity provider.

Not for you? SherlockTalent offers a $1000 referral bonus for successful placements into this role. Include your name in the Referral Source field on the application.