Summary
The Network Engineer will be responsible for leading the design, implementation, and ongoing management of the organization’s network infrastructure, spanning both on-premise and cloud environments. This role requires a deep technical understanding of networking technologies, cybersecurity frameworks, and hybrid infrastructure, with a specific focus on Microsoft Azure. The Network Engineer will play a key role in ensuring network reliability, security, and scalability across diverse environments, including office spaces and manufacturing facilities. Additionally, this role involves collaborating with cybersecurity teams, to implement advanced security measures, and vendors to ensure effective equipment management and deployment.
Essential Functions
- Design, configure, and maintain network components such as switches, routers, firewalls, and access points, including Layer 2 and Layer 3 switches
- Implement, maintain, and enforce networking best practices (VLANs, ACLs, DHCP, DNS, DMZs, firewall rules, etc.) to ensure optimal security and performance
- Manage and configure hybrid network infrastructure, focusing on best practices for Identity and Access Management (IAM), Least Privilege, and Cloud Connectors, especially within Microsoft Azure environments
- Apply modern cybersecurity frameworks and standards (NIST, CMMC) to network architecture, ensuring adherence to best practices and regulatory requirements
- Implement and maintain cloud services, including Office365/Entra/Azure, with a focus on secure cloud identity, authentication, and authorization (Tokenization, Session Cookies, etc.)
- Troubleshoot network issues by identifying root causes and implementing effective solutions to minimize downtime
- Maintain and update documentation for network configurations, including topology diagrams, equipment configurations, and operational procedures
- Manage Active Directory environments, Fortinet firewalls, and Extreme Network equipment
- Configure and maintain NTFS/share permissions, shared folders, and access controls within the organization
- Work with third-party vendors to manage and maintain systems like phone and camera systems, ensuring proper configuration and documentation
- Perform network upgrades, patches, and routine updates to ensure hardware and software remain up to date (This may involve working outside business hours to minimize downtime.)
- Assess and implement new network technologies to improve performance, scalability, and security
- Maintain data center environments, including the management of hot/cold aisles, racked hardware, battery backups, and environmental monitoring (moisture, temperature)
- Ensure rogue devices are not connected to the network, coordinating with the cybersecurity team to implement advanced security configurations
- Create and deploy servers, understanding roles and features such as Domain Controllers, Application/File/Print Servers, with best practices in mind
- Monitor external bandwidth usage, schedule ISP maintenance, upgrades, and ensure minimal disruptions to network operations
- Maintain an asset management inventory of network hardware, including tracking equipment lifecycle and usage
- Perform other related duties as required and assigned
COMPETENCIES
- Strong understanding of networking protocols and technologies such as Routing (Static, Dynamic, Default), BGP, TCP/IP, DNS, DHCP, VLAN, VPN (IPSEC/SSL), etc.
- Strong understanding of Certificates, Encryption, and PKI Infrastructure and how to implement technologies to ensure data encryption both in transit and at rest
- Experience with enterprise-level network equipment such as Cisco, Juniper, Fortinet and hybrid cloud environments
- The ability to automate tasks, installations, and deployments to improve efficiency and productivity in a secure manner
- Proficiency in Windows and Linux server administration (on-premise and cloud-based)
- Hands-on experience with cloud platforms such as AWS, Azure, or Google Cloud
- Knowledge of cloud networking concepts such as VPC, Subnets, VPN (ISPEC/SSL), Zero Trust, Just-In-Time Access and integration with on-premise networks
- Strong understanding of security measures for hybrid infrastructures including firewalls, VPNs, and cloud security practices
- Experience with virtualization platforms such as VMware and Hyper-V and hybrid cloud management tools
- Proficiency in using monitoring tools to track both on-premise and cloud system performance such as SolarWinds, Nagios, and CloudWatch
- Strong problem-solving skills with the ability to troubleshoot complex network and hybrid system issues
- Understanding of containerization technologies such as Docker and Kubernetes
- Excellent problem-solving skills and attention to detail
- The ability to start and complete projects with little to no oversight
- Strong communication and collaboration skills
SUPERVISORY RESPONSIBILTY
This position has no supervisory responsibilities.
Education And Experience
- Bachelor’s degree in Computer Science, Information Technology, or a related field preferred
- Deep understanding of the OSI model and how it pertains to Systems Administration and Security
- 2-3+ years of experience in network engineering or a related role, with experience in hybrid infrastructures
- Experience with deploying, managing, and troubleshooting on Windows and Linux systems
- Proven experience with cloud-based network development and deployment
- Strong understanding of both front-end and back-end frameworks and technologies
- A proven track record in upgrading legacy apps/code into new modern and secure frameworks
CERTIFICATIONS
- Must hold at least 1 of the following certifications:
- CompTIA Network+, Azure Fundamentals, Azure Identity and Access Management, Cisco Certified Network Associate (CCNA) or another relatable certificate
- Additional certifications such as Fortinet NSE, Azure Security, AWS Certified Developer, Azure Developer, Cisco Certified Network Professional (CCNP), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), etc.) are a plus
WORK ENVIRONMENT
Environmental exposures are like those found in most heavy industrial settings and may include noise, heat, cold, vibration, dust, fumes, and smoke. Work may be carried out indoors or outdoors and may involve exposure to inclement weather conditions.
PHILLY SHIPYARD is a TOBACCO FREE facility.
PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. A range of motion sufficient to perform general lifting, carrying, bending, stooping, climbing, extended walking or standing, etc. is required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
POSITION TYPE/EXPECTED HOURS OF WORK
This is an onsite, full-time, safety-sensitive position. Standard days and hours of work vary by department, days and hours determined by department schedules.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time or without notice.
Philly Shipyard is committed to equal opportunity for all applicants. The recruitment, selection, employment and training of employees during employment shall be without discrimination because of race, color, religion, national origin, gender or age-except that the applicant must meet the minimum age requirement. Hanwha Philly Shipyard does not, and will not, discriminate because of the disability of such individual.