Key skills
AnsibleAWSAzureCloudFirewallsGoogle Cloud PlatformiOSPythonSwitchingTCP/IPGCPGoogle CloudGitCI/CDLeadershipCommunicationNetwork Security
About this role
Role Overview
- Engineer, build, operate, and deliver network solutions for global data centers, cloud platforms, FedRAMP-authorized environments , build environments, and product connectivity needs.
- Engineer and optimize routing for a global IP backbone, including multi-region route propagation, redundancy, and traffic-engineering strategies.
- Engineer, build, and operate scalable, highly available L3 topologies using BGP, OSPF, and robust routing policy (communities, AS-path manipulation, MED/local-pref tuning, ECMP, route-reflector hierarchy).
- Design and implement secure network segmentation, boundary controls, and traffic isolation required for FedRAMP Moderate/High environments.
- Implement hybrid and cloud-native routing across AWS/Azure/GCP using Direct Connect, ExpressRoute, VPN, Transit Gateway, Virtual WAN, and cloud router constructs—ensuring alignment with FedRAMP architectures and security control requirements.
- Develop and maintain automated provisioning, configuration, compliance, and validation pipelines using Python, Ansible/AWX, and Git-driven CI/CD workflows, including FedRAMP configuration baselines .
- Ensure connectivity, availability, and performance across multi-region data centers, backbone sites, cloud platforms, and regulated FedRAMP environments using proactive monitoring, telemetry, and lifecycle management practices.
- Operate networks in accordance with FedRAMP continuous monitoring requirements , including configuration drift detection, vulnerability mitigation, and audit readiness.
- Troubleshoot complex routing, TCP, and connectivity issues using tools such as netcat, ping/ICMP, logs, and packet captures.
- Lead or support major incident response when needed, including FedRAMP-relevant incident handling, escalation, and reporting procedures .
- Execute changes, upgrades, and migrations safely using structured procedures (MOPs), documented approvals, automated workflows, and validated rollback mechanisms.
- Remediate vulnerabilities and maintain compliance across network OS versions, configurations, firmware, and security posture in coordination with Security and Compliance teams.
- Engineer enhancements, new capabilities, and service-driven connectivity features supporting product, platform evolution, and FedRAMP boundary services .
- Design automation that enforces least privilege, segmentation, encryption-in-transit, logging, and configuration compliance for regulated environments.
- Replace manual operational steps with automated workflows incorporating pre/post-checks, compliance gates, evidence collection, and safe-rollback logic.
- Test new network OS versions, automation logic, routing changes, and security controls in controlled environments prior to production and FedRAMP deployment.
- Partner with Build, Engineering, Architecture, Product, Security, and Compliance teams to ensure reliability, scalability, and alignment with FedRAMP control objectives.
- Translate product, regulatory, and platform requirements into network designs that meet FedRAMP architectural and security expectations with clear timelines and dependencies.
- Conduct capacity planning across links, devices, cloud gateways, backbone segments, routing domains, and FedRAMP boundary components.
Requirements
- Bachelor’s degree in Computer Science, Information Technology, or related field (Master’s preferred).
- 7+ years in network engineering with experience in large-scale, multi-region, and global routing environments.
- Experience engineering, operating, or supporting FedRAMP Moderate and/or High environments is strongly preferred.
- Deep hands-on expertise with BGP and OSPF in global IP backbone environments, including traffic engineering and multi-vendor interoperability.
- Strong operational and engineering experience with JunOS (MX, QFX, SRX preferred).
- Proficiency with additional network OS platforms (e.g., EOS, NX-OS, IOS-XE) is a plus.
- Strong troubleshooting across routing, switching, TCP/IP, asymmetric paths, latency, packet loss, MTU/fragmentation, and QoS behaviors.
- Experienced with hybrid cloud and cloud-native networking across AWS, Azure, and/or GCP.
- Hands-on automation skills using Python, Ansible/AWX, configuration templating, Git workflows, and automated testing/validation pipelines.
- Strong understanding of network security controls, boundary protection, encryption, logging, and segmentation concepts required for FedRAMP .
- Familiarity with firewalls, VPNs, DDoS mitigation, IDS/IPS, and NIST 800-53-based security frameworks .
- Strong incident leadership skills, able to coordinate cross-functional teams under pressure.
- Excellent written and verbal communication across Architecture, Product, Security, Compliance, Operations, and Build teams.
- Ability to mentor and elevate peers and junior engineers.
- Effective in fast-paced environments with competing priorities and regulatory constraints.
- Strong analytical thinking, structured problem-solving, and continuous-improvement mindset.
Tech Stack
- Ansible
- AWS
- Azure
- Cloud
- Firewalls
- Google Cloud Platform
- iOS
- Python
- Switching
- TCP/IP
Benefits
- More details about F5’s benefits can be found at the following link: https://www.f5.com/company/careers/benefits .