Network Engineer (Security) || Richmond, VA onsite

Title: Network Engineer (Security)
Location: Richmond, VA onsite

Note: USC/GC/GC-EAD and H4 – EAD And Local to Richmond, VA onsite

Top skills:
• 12+ years of experience in enterprise networking
• Deep expertise in BGP routing and network design
• Strong hands-on experience with:
• Palo Alto Networks firewalls
• Cisco SD-WAN (Viptela)

Key Responsibilities
• Architecture & Design
• Lead design and implementation of enterprise and cloud networking architectures (Azure, AWS, hybrid)
• Develop and execute network consolidation strategies across multiple environments and business units
• Architect secure, scalable connectivity patterns including:
• Site-to-site and client VPNs
• SD-WAN deployments
• Cloud transit hubs and hub/spoke models
• Define standards for routing, segmentation, and high availability
• Cloud Networking
• Design and manage networking in Azure and familiarity AWS, and GCP.

Implement and maintain:
• Virtual networks (VNets/VPCs)
• Peering and private connectivity (ExpressRoute, Direct Connect)
• Network security controls (NSGs, firewalls, routing tables)
• Integrate on-prem and cloud environments.
• Routing & Core Networking

Design and troubleshoot complex routing environments using:
• BGP, OSPF/EIGRP
• Optimize routing policies for performance, failover, and traffic engineering
• Lead troubleshooting of latency, packet loss, and asymmetric routing issues
• Security & Firewalls

Manage next-gen firewall solutions, primarily:
• Palo Alto Networks firewalls (PAN-OS, Panorama)
• Define and enforce security policies, NAT, and segmentation strategies
• Partner with security teams on threat mitigation and compliance requirements
• SD-WAN & Branch Networking

Design and support SD-WAN solutions using:
• Cisco Viptela / Cisco SD-WAN
Manage and optimize branch networking using:
• Cisco Meraki (full stack: MX, MS, MR)
• Ensure consistent policy, performance, and visibility across all sites
• Carrier & Vendor Management
• Act as primary technical liaison with telecom carriers and ISPs
• Lead troubleshooting of circuit issues (latency, outages, routing anomalies)
• Validate and design circuit turn-ups (DIA, MPLS, broadband, LTE/5G)
• Coordinate with vendors during deployments, escalations, and outages

Operations & Leadership
• Serve as Tier 3 escalation point for network-related incidents
• Mentor junior engineers and provide technical guidance
• Develop and maintain documentation, standards, and runbooks
• Participate in on-call rotation as needed

Required Qualifications:
• Deep expertise in BGP routing and network design
• Strong hands-on experience with:
• Palo Alto Networks firewalls
• Cisco SD-WAN (Viptela)
• Cisco Meraki full stack
• Proven experience designing and implementing cloud networking architectures
• Strong troubleshooting skills across routing, firewall, and connectivity domains
• Experience working directly with telecom carriers and ISPs
• Preferred Qualifications

Experience with:
• Multi-tenant or multi-environment network consolidation
• Certifications (preferred but not required):
• CCNP/CCIE
• PCNSE (Palo Alto)
• Azure Network Engineer Associate (AZ-700)
• AWS Advanced Networking Specialty

Regards:
Aniket Singh
Email: aniket.singh@blackrockgrps.com