Senior Network Engineer (ITS Department)

The Senior Network Engineer’s role is to develop, maintain, troubleshoot, and optimize functional and secure networks and network connections to ensure high levels of availability and security of the supported systems and business applications. The Senior Network Engineer will play a key role in the design, build, and ongoing support of the Firm’s functional networks (LAN, WLAN, WAN), and configuration and installation of software, servers, firewalls, routers, and other network devices to support the secure operation and expansion of the Firm’s networking infrastructure. Monitor and optimize network performance, integrity and security as well as resolution of network support and performance issues of the Firm’s cloud and local networking infrastructure are also within scope for this role. This individual requires an extensive background and indepth technical knowledge of communication protocols (e.g., TCP/IP) and routing protocols (BGP, OSPF) and solid background in network administration and architecture. Familiarity with access control models and network security required, along with experience with network diagnostic, monitoring and analysis tools (e.g., SolarWinds). A solid understanding of network operating systems (Cisco IOS) and some knowledge of coding for scripting to support networking for Microsoft Active Directory (AD), Azure Directory Federation Service ADFS, Windows Server Datacenter, and Enterprise also needed. In addition, the desired individual will possess experience to support networking elements of VMware Virtual Center (VCenter) management platform.

Qualifications:

• A minimum of 7 years of relevant experience.
• College degree strongly preferred, ideally with focus in computer science, engineering, or related fields. Industry-related experience as a Senior Network Engineer or Network Administrator.
• Working technical knowledge of network, PC, and platform operating systems.
• Extensive knowledge and experience in planning and executing networking for Microsoft Active Directory expansions and domain integrations.
• Strong knowledge of local area network administration.
• Hands-on software and hardware troubleshooting experience.
• Demonstrated experience with large AD Forest Management and hybrid ADFS deployments and implementations.
• Demonstrated experience with SQL Scripts – Microsoft SQL Server and SQL Shack preferred.
• Ability to troubleshoot in complex Active Directory and Active/Azure Federation Service environments and quickly identify root cause problems.
• Experience working with Microsoft Identity technologies including Active Directory, Windows File Services, and Group Policies.
• Expert knowledge in administering Active Directory (AD) and Group Policy Object (GPOs).
• Knowledge of Microsoft Defender Security and Identity Management Suite (MDE, MDI and MDAV). Professional Cisco network certification (e.g. CCNP, CCDP).
• Must have deep and thorough understanding of monitoring best practices, preferably with Microsoft System Center Operation Manager (SCOM) and Microsoft certifications – MSCE.
• Experience documenting and maintaining configuration and processing information.
• Good understanding of the organization’s goals and objectives.
• Knowledge of applicable data privacy practices and laws.
• Strong customer service orientation.
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Strong interpersonal and oral communication skills.
• Adept at reading, writing, and interpreting technical documentation and procedure manuals.
• Ability to conduct research into hardware and software issues and products as required.
• Ability to present ideas and solutions in user-friendly language.
• Highly self-motivated and directed.
• Keen attention to detail.
• Skilled at working within a team-oriented, collaborative environment.
• You must be fully vaccinated against COVID-19 by your hire date to be eligible for starting in the role. Proof of vaccination will be required. Our client will provide reasonable accommodation(s) based on medical or religious grounds for qualified candidates.
• Position requires access to equipment, software, or technology that is subject to U.S. export controls. To be granted access pursuant to US Export Control laws, candidate must be either (a) a United States citizen or national; (b) a person lawfully admitted for permanent residence of the United States (i.e., “Green Card” holder); or (c) an INSapproved refugee or asylum holder who has applied for naturalization within six months of the date the individual first became eligible; and if not yet naturalized, is still actively pursuing naturalization if 2 years have passed since the date of application to be granted access pursuant to US Export Control laws. Candidates will be required to submit appropriate documentation to determine whether access can be granted before proceeding further through the application process.
• Note: Lifting and transporting of moderately heavy objects, such as computers and peripherals.

Duties and Responsibilities:
Operational Management:

• Coordinate with systems administration, business application, and database administration functions to implement networking to support desktop and server systems that utilize industry best practices to meet Firm objectives. 
• Synthesize networking needs for Firm’s Microsoft Active Directory and Federation Service and optimization networking plans for the Firm's on premise and cloud-integrated domain and identity environments.
• Support capacity planning and system optimization support for the AD and ADFS environments to allow domain expansion and growth.
• Provide advanced networking technical support for the Microsoft Windows Server enterprise server environments – Tier 3 technical support for all Windows servers and systems in a 24×7 environment. Plan and support networking-related Windows Server and VMware system maintenance updates and networking patches on all enterprise servers and systems.
• Deploy networking hardware, firewalls, and support deployment of encryption systems, and all host security systems. 
• Provide advanced networking technical support for Microsoft Active Directory and Azure Directory Federation Service domain services.
• Deploy, manage, and support networking aspects of Microsoft and other third-party applications, such as MS Outlook, SharePoint, Teams, System Center Configuration Manager (SCCM), and Systems Center Operations Manager (SCOM). 
• Manage network operating systems and end-user software.
• Manage networking aspects of communications (email)and connection solutions, including workstation connectivity, local area networks, company Web site, intranet, and Internet applications.
• Ensure the network integrity and security of enterprise data on host computers, multiple databases, and during data transfer in accordance to business needs and industry best-practices regarding privacy, security, and regulatory compliance.
• Manage networking aspects of end user accounts, permissions, access rights, and storage allocations in accordance with best-practices regarding privacy, security, and regulatory compliance.
• Perform network and security audits.
• Perform and test routine network system backups and restores. 
• Anticipate, mitigate, identify, troubleshoot, and resolve network hardware and software problems on networking gear, servers, input/output fleet, and workstations.
• Support application development teams throughout project lifecycles.
• Analyze network, system, server, application, and input/output device performance. 
• Recommend, schedule, and perform software and hardware improvements, upgrades, patches, reconfigurations, and/or purchases.
• Conduct research on emerging products, services, protocols, and standards in support of systems, software procurement, and development efforts. 
• Create required reports in response to business user needs. 
• Support the development, document, and maintain policies, procedures, and associated training plans for system administration and appropriate use. 
• Support the maintenance of Exchange servers. 
• Support the maintenance of Fax server(s).
• Administer networking components of iManage access – creating/removing accounts, permissions, importing documents.
• Manages Secure Mail services.