Manager/Tech Lead, Network Engineering

Sunnyvale, CA, US • Posted 3 hours ago • Updated 3 hours ago
Full Time
Part Time
On-site
USD $60-70/hr
Fitment

Dice Job Match Score™

🧠 Analyzing your skills...

Job Details

Skills

  • palo alto
  • networking
  • meraki
  • cisco
  • sase
  • ztna

Summary

Manager/Tech Lead, Network Engineering

CTH

On-site Sunnyvale, CA

About this role:

We're looking for a hands-on Manager / Senior Technical Lead to take end-to-end ownership of our global corporate network and network security posture from the switch port to the SASE edge.

You'll own everything that connects our people to our systems: in-office wired and wireless connectivity, secure remote access, inter-office and third-party connectivity, and the governance of mobile and endpoint assets on the network. You'll also lead a strategic initiative: migrating our remote access model from Tailscale to Zscaler, enabling Zscaler Private Access (ZPA) to front our most sensitive internal applications.

This is a builder's role. You'll inherit a modern, well-invested stack (Palo Alto firewalls, Meraki switching/AP, Infoblox DDI, dual-ISP resilience per site) and be expected to mature it into a globally consistent, secure, and observable network as we open new offices and grow headcount.

What You'll Own

Global Network Architecture & Operations

- Take ownership of network architecture and operations across all Applied Intuition offices globally, including standards for wired/wireless LAN, WAN, and site design.

- Manage dual-ISP redundancy, failover, and site connectivity for each office location.

- Own our Palo Alto firewall estate (policy, segmentation, NAT, threat prevention) and Meraki switching/wireless environment (MX/MS/MR) across all sites.

- Administer and evolve our Infoblox DDI environment (DNS, DHCP, IPAM) as the source of truth for network addressing globally.

Zero Trust & Secure Remote Access

- Lead the migration from Tailscale to Zscaler, standing up ZIA for secure internet access and ZPA to broker access to sensitive internal applications without exposing them on a flat network.

- Design the target-state Zero Trust access model: user/device posture, app segmentation, and policy replacing broad VPN-style access with least-privilege, app-specific access.

- Manage the cutover plan, user migration, and legacy VPN decommissioning with minimal disruption to the business.

Site & Inter-Office Connectivity

- Design and maintain secure, performant connectivity between offices and to key third-party endpoints (data centers, cloud environments, partner networks).

- Build repeatable, documented playbooks for opening new office locations (network standing up new sites quickly and consistently as the company grows).

Leadership & Roadmap

- Act as the technical authority and escalation point for all things network you'll operate as both an individual contributor and a lead who can eventually build out a team as scope grows.

- Partner with the Head of Security and IT leaderships to set the multi-year network and network-security roadmap, and vendor strategy.

- Own vendor relationships (Palo Alto, Cisco Meraki, Zscaler, Infoblox) including licensing, renewals, and support escalations.

- Establish monitoring, alerting, and documentation standards so the network is observable and operable beyond "tribal knowledge."

What We're Looking For

- 7+ years in network engineering/architecture roles, including experience owning network security for a multi-site organization ideally at a high-growth technology company that scaled offices and headcount quickly.

- Hands-on expertise with Palo Alto Networks firewalls (policy, Panorama, threat prevention) and Cisco Meraki (MX/MS/MR) in production, multi-site environments.

- Direct experience with Infoblox or comparable DDI/IPAM platforms.

- Experience designing or migrating to a SASE/ZTN

A architecture direct Zscaler (ZIA/ZPA) experience is a strong plus; experience with a comparable platform (Cloudflare, Netskope, Palo Alto Prisma Access) is also relevant.- Working knowledge of modern lightweight VPN/mesh tooling (Tailscale, WireGuard) is a plus, particularly if you've been part of a migration off of one.

- Strong grasp of core networking fundamentals: routing/switching, VLANs, SD-WAN, DNS/DHCP, NAT, 802.1X/NAC.

- Experience governing mobile/BYOD device access on corporate networks (NAC, MDM integration).

- A track record of taking ambiguous, growing infrastructure and turning it into documented, standardized, and automatable operations.

- Comfort operating both strategically (roadmap, vendor strategy, budget) and hands-on (you will still be in the weeds, especially early

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 91118290
  • Position Id: Stellar - 17626-36320-1783109740
  • Posted 3 hours ago
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Palo Alto, California

Today

Easy Apply

Contract, Third Party

San Jose, California

Today

Full-time

USD 155,800.00 - 224,200.00 per year

San Jose, California

Today

Full-time

USD 134,500.00 - 193,500.00 per year

San Carlos, California

Today

Full-time

USD 160,400.00 - 220,550.00 per year

Search all similar jobs