We are looking for a
Network Engineer position at Onsite – Phoenix, AZ. The position details are as follows.
Position: Network Engineer
Location: Onsite – Phoenix, AZ
Duration: 12 Months
Responsibilities
The network engineer’s primary role is to maintain the campus and data center routing and switching environment at Phoenix Sky Harbor International Airport, Deer Valley Airport and Goodyear Airport.
The Network Engineer is responsible for implementing and managing multiprotocol label switching (MPLS) network infrastructure. This includes but is not limited to Cisco core/distribution/access architecture, internal and edge firewalls, intrusion prevention systems, and wireless networks. The position is expected to create and maintain network documentation and perform hardware lifecycle and OS upgrades on all network equipment. Expertise in Cisco Catalyst and Nexus switches, virtual local area networks (VLANs), virtual routing and forwarding (VRFs) tables, Wireless LAN Controllers (WLC), Catalyst Center, Application Policy Infrastructure Controller (APIC), Secure Firewall, Virtual firewall contexts and rules, Cisco Identity Services Engine (ISE), and both Remote Access (RA) and Site-to-Site (S2S) Virtual Private Networks (VPN). Microsoft Azure network infrastructure resources. SolarWinds monitoring environment includes Network Performance Monitor (NPM), Network Traffic Analyzer, Network Configuration Manager (NCM), IP Address Manager, and User Device Tracker (UDT).
Required Knowledge And Experience
- Stacks of Cisco Catalyst 9300 access switches, including upgrading IOS-XE on stacked switches, configuring stacking data and power, port-channels, L2 VLANs, access/trunk port assignment, rapid-pvst, VLAN pruning, etc.
- Cisco Catalyst 6500 and 9600 chassis core and distribution switches, including upgrading IOS/IOS-XE on redundant supervisor engines, configuring OSPF, BGP, VSS, HSRP, port-channels, L2 VLANs, L3 SVIs, access/trunk port assignment, rapid-pvst, VLAN pruning, etc.
- Cisco Nexus 7700 and 9300 data center switches, including upgrading NX-OS, configuring DCI, VDC, VPC, high availability and failover, resilient connections to VMware host server farms, OSPF, BGP, HSRP, port-channels, L2 VLANS, L3 SVIs, rapid-pvst, VLAN pruning, etc.
- Large MPLS networks, including configuring MPLS VPNs, RD/RT values, VRFs, P/PE/CE devices, eBGP/iBGP peering, route reflectors, BFD, etc.
- Cisco ASR 1000 Internet edge routers, including upgrading IOS-XE, configuring eBGP peering with multiple ISPs for high availability of Internet routes, load balancing with IP prefix-list, NetFlow, etc.
- Cisco 9800 Wireless LAN Controllers, including configuring SSIDs, policies, policy tags, site tags, CAPWAP tunnels, etc.
Preferred Knowledge And Experience
- Cisco Industrial Ethernet 1000 and 4000 access switches, including upgrading IOS, configuring port-channels, L2 VLANs, access/trunk port assignment, rapid-pvst, VLAN pruning, etc.
- Hardware and software life cycle of network equipment, including planning, working with vendors, submitting purchase requests, inventory management, customer coordination, configuring, deploying in a manner that minimizes network down time, documenting, monitoring, troubleshooting, patching, decommissioning, etc.
- Solarwinds modules to monitor network environments, including NPM, NCM, IPAM, UDT, NTA and SAM.
- Proficiency troubleshooting connectivity issues using tools such as Wireshark or other packet analyzers.
- Proficiency with using MS Visio to diagram and document detailed network designs and configurations.
- MS Azure network infrastructure resources such as Vnet, Application Gateway, Private DNS Zone and Resolver, Key Vault, Application Service Plan, Application Programming Interface Management (APIM), Azure Firewall, Network Security Group, Virtual and Local Network Gateway, Connections, Public IPs and Private Endpoints.
Preferred/Desirable Knowledge
- Cisco Secure Firewall running in ASA mode, including configuring routed and transparent deployments, single and multiple contexts, firewall rules, NAT, service policies/inspection, site-to-site and remote access VPN, etc.
- Cisco Secure Firewall running in Threat Defense mode, including configuring IPS.
- Cisco ISE running in a medium distributed deployment, including configuring PAN, MNT and PSN nodes, policy sets, device administration policies, external identity sources, TACACS, RADIUS, etc.
- Cisco VOIP and QoS
- Cisco Spaces
- Cisco Catalyst Center
- Cisco SD-Access
- Cisco ACI
Ability To
- Comprehend and make inferences from material written in the English language.
- Learn job-related material through oral instruction, observation, structured lecture, and reading in the English language.
- Produce written documents in the English language with clearly organized thoughts using proper sentence construction, punctuation, and grammar.
- Develop and implement plans, policies, and procedures for hardware and software installations and operation.
- Utilize specialized technical software in support of hardware and software operational systems.
- Remain in a sitting position for extended periods of time.
- Analyze, interpret, summarize, and report research findings.
- Identify, plan, and conduct training sessions for other technical staff.
- Enter data or information into a terminal, PC, or other keyboard device.
- Work cooperatively with other employees.
- Work safely without presenting a direct threat to self or others.
- Use standard computer word processing, spreadsheet, database, and messaging software.
- Review and/or check the work products of others to ensure conformance to standards.
- Analyze situations accurately and suggest an effective course of action.
Additional Requirements
- Appointments to this position are subject to appropriate background standards.
- Some positions require the use of personal or City vehicles in City business. Individuals must be physically capable of operating vehicles safely, possess a valid driver's license and have an acceptable driving record. Use of a personal vehicle for City business will be prohibited if the employee is not authorized to drive a city vehicle or if the employee does not have personal insurance coverage.
- Working hours for this position will require rotating on-call status with varying shifts and days, as assigned.
Required Experience And Training
- Five+ years of progressive experience in the field of network engineering managing large scale environments.
- Current Cisco CCIE, CCNP, or CCNA certifications are required – no candidates will be considered without certification.
Acceptable Experience And Training
- BA or BS degree in Computer Science, Information Security, or related field. Other combinations of experience and education that meet the minimum requirements may be substituted.
- Additional experience and certifications related to Cisco and Microsoft Azure networking and information security are desirable.