L2 Network Engineer

Role Summary

The L2 Network Engineer is responsible for designing, implementing, optimizing, and troubleshooting complex enterprise network infrastructures. This role demands strong expertise in routing, switching, firewalls, SD-WAN, load balancing, data center networking, network security, and automation. The engineer will act as an escalation point for L1/L2 teams and lead critical projects, migrations, and performance improvements.

Key Responsibilities

A.Network Design & Architecture

Design and architect enterprise LAN/WAN, Data Center, and campus networks.

Create HLD/LLD, network diagrams, topology layouts, and documentation.

Capacity planning, traffic engineering, and bandwidth optimization.

Evaluate new technologies like SD-WAN, ACI, VXLAN, EVPN, and automation tools.

B. Implementation & Operations

Implement enterprise-grade routing & switching solutions (OSPF, BGP, EIGRP, MPLS, VRF, STP, HSRP/VRRP).

Deploy, configure, and maintain network devices including routers, switches, firewalls, WLC, load balancers, and VPN appliances.

Data center networking: Leaf-Spine architecture, VXLAN, Fabric, Cisco ACI (advantage).

Execute network upgrades, migrations, expansions, and firmware updates.

Administer IP addressing, DNS, DHCP, NAC, AAA/RADIUS/TACACS+.

C. Security & Compliance

Configure and manage Enterprise Firewalls (Palo Alto / Fortinet / Check Point / Cisco Firepower).

Web security, URL filtering, threat prevention, SSL inspection.

Manage site-to-site VPN, remote VPN, IPsec, SSL VPN solutions.

Participate in security audits, compliance checks, and vulnerability mitigation.

D. Escalation Management

Act as L3 SME for complex and critical network incidents.

Perform root cause analysis (RCA) and problem management.

Coordinate with OEMs, ISPs, and vendors to resolve escalated issues.

Mentor and guide L1/L2 teams, provide KT sessions.

E. Monitoring & Performance Optimization

Monitor network performance, latency, and packet loss using tools (SolarWinds/Nagios/PRTG/Spectrum).

Implement proactive alerting, redundancy, high availability, and failover strategies.

Improve network resiliency, uptime, SLA adherence, and service continuity.

F. Automation & Scripting

Develop scripts for network automation using Python, Ansible, APIs, Nornir, etc.

Automate configuration backups, compliance checks, and device provisioning.

G. Documentation & Reporting

Maintain network configuration standards, SOPs, policies, and procedures.

Prepare incident reports, change management documentation, and RCA reports.

Maintain detailed asset & inventory records.

3. Required Technical Skills

Routing & Switching

Expert in OSPF, BGP, MPLS, VRF, EIGRP, STP, VLANs, VTP, HSRP/VRRP, EtherChannel.

Experience with Cisco, Juniper, Aruba, HPE, Dell, or equivalent platforms.

Firewalls & Security

Deep expertise in Palo Alto / Fortinet / Check Point / Cisco Firepower.

Strong understanding of NGFW features, IDS/IPS, threat protection.

Data Center & Advanced Networking

VXLAN, BGP EVPN, Leaf-Spine architecture.

Cisco ACI / NSX / SDN technologies.

Wireless & WAN

SD-WAN solutions (Cisco Viptela, Fortinet, Aruba, Versa).

Wireless Controllers, corporate Wi-Fi, 802.11 standards.

Tools & Platforms

Monitoring: SolarWinds, PRTG, Nagios, NetBrain.

Ticketing & ITIL: ServiceNow, Remedy, Jira.

Automation

Python

Ansible

YAML, JSON, REST APIs

Network automation frameworks

Cloud Networking (Preferred)

AWS / Azure VNet, Transit Gateway, VPN, Direct Connect / ExpressRoute

Cloud firewalls & security policies

4. Soft Skills

Strong analytical and problem-solving capabilities.

Excellent communication and leadership skills.

Ability to work under pressure in high-severity situations.

Collaborative attitude and mentoring ability.

Strong docu