Role Overview
We are seeking a seasoned L3 Network Engineer with deep expertise in enterprise networking, security infrastructure, and wireless technologies. The ideal candidate is a self-driven professional capable of independently managing complex network environments, driving incident resolution, and ensuring optimal performance across LAN, WAN, and wireless ecosystems.
Core Technical Skills
Routing & Switching
- Advanced hands-on expertise in enterprise switching (VLANs, trunking, port aggregation, QoS) and multi-layer routing
- Strong command of routing protocols including RIPv2, OSPF, EIGRP, BGP (iBGP/eBGP), Static and Policy-Based Routing
- In-depth knowledge of OSI and TCP/IP models with practical troubleshooting ability at all layers
- Proficiency in Spanning Tree Protocol (STP, RSTP, MSTP) and loop prevention mechanisms
- Solid understanding of LAN/WAN architectures, NAT/PAT, DHCP, DNS, and IPv4/IPv6 addressing
Firewall & Security
- Hands-on experience with Sophos XG/XGS Firewall – rule management, IPS/IDS, SSL inspection, web filtering, and VPN (IPSec/SSL)
- Ability to design and implement security zone policies, DMZ architecture, and access control strategies
- Experience with firewall log analysis, threat identification, and incident response
Wireless (Wi-Fi)
- Configuration and management of enterprise Wi-Fi access points, controllers, and SSIDs
- Maintenance of Wi-Fi Access Control Lists (ACLs) and client isolation policies
- Daily monitoring and administration of Captive Portal user lists and authentication policies
- Troubleshooting RF interference, coverage gaps, roaming issues, and throughput degradation
- Familiarity with Wi-Fi standards (802.11a/b/g/n/ac/ax) and enterprise wireless best practices
Network Monitoring & Management
- Proficient in PRTG Network Monitor – alert monitoring, sensor creation/deletion, threshold tuning, and performance baselining
- Fine-tuning of PRTG configurations and monitored devices per industry best practices
- Monitoring of ISP and P2P links, proactive fault detection, and ISP ticket management with SLA follow-up
Operational Responsibilities
- Incident Management: Own L3 network incidents end-to-end – diagnose, resolve, and document root cause analysis (RCA) for routing, switching, firewall, and wireless issues
- Switch & AP Management: Installation, configuration, and lifecycle management of switches, access points, and wireless controllers; raise TAC cases and coordinate hardware replacements as needed
- Change Management: Plan and execute network changes with proper change records, rollback procedures, and stakeholder communication
- ISP Coordination: Monitor ISP and point-to-point links, raise fault tickets, track resolution, and maintain SLA compliance reports
- Performance Reporting: Prepare and submit Weekly and Monthly performance reports covering uptime, utilization, incidents, and trends
- Documentation: Maintain up-to-date network inventory and Low-Level Design (LLD) documentation on a weekly basis
- Capacity Planning: Identify bottlenecks, forecast growth, and recommend infrastructure upgrades proactively
Certifications & Qualifications
- CCNA (mandatory); CCNP or equivalent strongly preferred
- Sophos Certified Engineer or equivalent firewall certification is a plus
- Wireless certifications (CWNA, Sophos Wireless) are advantageous
Soft Skills & Work Style
- Ability to work independently with minimal supervision, demonstrating ownership and accountability
- Strong analytical and problem-solving skills with a methodical approach to troubleshooting
- Clear and professional written and verbal communication – able to interface with vendors, ISPs, and internal stakeholders
- Proactive mindset – anticipates issues before they become outages
- Comfortable working in a 24x7 on-call or shift-based environment when required
This version elevates the role to true L3 scope by adding protocol depth (OSPF, BGP), security design responsibilities, wireless troubleshooting expertise, and strategic elements like capacity planning and change management — while keeping all the original operational duties intact.
