Employment Requirements
This opportunity is not open to C2C relationships or visa sponsorship.

Job Description
This Contractor will be working in the Systems Network Engineering section and is responsible for managing specific backend systems, information security, and network infrastructure.

This includes but is not limited to blade and standalone servers running primarily Windows operating systems, server and desktop virtualization utilizing VMware, and SAN storage. The section is responsible for system security such as vulnerability scans and remediation, system hardening, intrusion detection and prevention, and PCI compliance. LAN administration as well as second and third level desktop support is also provided by this section in support of the dedicated desktop and help desk teams.

SNE group also manages the network architecture which runs predominantly on Cisco network equipment. This includes all routing and switching, wireless, Firepower appliances in ASA mode for firewalling and threat defense mode for intrusion prevention, remote access and site-to-site VPNs, identity and AAA services, Tenant Technology Services (TTS) networks, as well as interconnects to other business partners, the City’s enterprise network, and the Internet. The airport has more than 60 unique business systems running on carrier grade MPLS network infrastructure.


Responsibilities
Primary role is to maintain the campus and data center routing and switching environment at 3 client locations.


Qualifications
Stacks of up to four Cisco Catalyst 2960, 3850 and 9300 access switches, including upgrading IOS-XE on stacked switches, configuring stacking data and power, port-channels, L2 VLANs, access/trunk port assignment, rapid-pvst, VLAN pruning, etc.
Cisco Industrial Ethernet 4000 and 5000 access switches, including upgrading IOS, configuring port-channels, L2 VLANs, access/trunk port assignment, rapid-pvst, VLAN pruning, etc.
Cisco Catalyst 6500 and 9600 chassis core and distribution switches, including upgrading IOS/IOS-XE on redundant supervisor engines, configuring OSPF, BGP, VSS,
HSRP, port-channels, L2 VLANs, L3 SVIs, access/trunk port assignment, rapid-pvst, VLAN pruning, etc.
Cisco Nexus 7700 and 9300 data center switches, including upgrading NX-OS, configuring DCI, VDC, VPC, high availability and failover, resilient connections to VMware host server farms, OSPF, BGP, HSRP, port-channels, L2 VLANS, L3 SVIs, rapid-pvst, VLAN pruning, etc.
Medium to large MPLS networks, including configuring MPLS VPNs, RD/RT values, VRFs, P/PE/CE devices, eBGP/iBGP peering, route reflectors, BFD, etc.
Cisco ASR 1000 Internet edge routers, including upgrading IOS-XE, configuring eBGP peering with ISPs for Internet routes, load balancing with IP prefix-list, Netflow, etc.
Cisco 9800 Wireless LAN Controllers, including configuring SSIDs, policies, policy tags, site tags, CAPWAP tunnels, etc.
Hardware and software life cycle of network equipment, including planning, working with vendors, submitting purchase requests, inventory management, customer coordination, configuring, deploying in a manner that minimizes network down time, documenting, monitoring, troubleshooting, patching, decommissioning, etc.
Solarwinds modules to monitor network environments, including NPM, NCM, IPAM, UDT, NTA and SAM.
Proficiency troubleshooting connectivity issues using tools such as Wireshark or other packet analyzers.
Proficiency with using MS Visio to diagram and document detailed network designs and configurations.
Preferred/Desirable knowledge and experience in the following:
Cisco Firepower running in ASA mode, including configuring routed and transparent deployments, single and multiple contexts, firewall rules, NAT, service policies/inspection, site-to-site and remote access VPN, etc.
Cisco Firepower running in FTD mode, including configuring IPS.
Cisco ISE running in a medium hybrid deployment, including configuring PAN, MNT and PSN nodes, policy sets, device administration policies, external identity sources, TACACS, RADIUS, etc.
Cisco VOIP and QoS
Cisco DNA Spaces
Cisco DNA Center
Cisco SD-Access
Cisco ACI
Cisco VXLAN
Develop and implement plans, policies, and procedures for hardware and software installations and operation.
Utilize specialized technical software in support of hardware and software operational systems.

Must have qualifications
BA or BS degree in Computer Science, Information Security, or related field.
Five+ years of progressive experience in the field of network engineering managing large scale environments.

Current Cisco CCIE, CCNP, or CCNA certifications are required – no candidates will be considered without certification. Additional experience and certifications related to Cisco networking and information security are desirable.


*Solü Technology Partners provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability or genetics.