IT Network L3 Engineer
Location - Kolkata (with periodic travel to DC/DR sites as required)
Employment Type - Full-time
Role Summary
The IT Network L3 Engineer is the
senior escalation point for complex network issues, responsible for
design, implementation, optimization, and Tier3 support across data center (DC), disaster recovery (DR), campus, and branch networks. The role ensures
high availability, security, and performance of enterprise network services (routing, switching, wireless, WAN, VPN, firewall) and leads
major incidents, changes, and projects including DR readiness, network hardening, and migrations.
Key Responsibilities
Architecture & Design
- Design and document LAN/WAN topologies, DCDR interconnects, and network segmentation.
- Develop high availability designs (dual core, dual ISP, dynamic routing, SDWAN) and resilient underlay/overlay solutions.
- Produce HLD/LLD, configuration standards, and asbuilt documentation.
Implementation & Operations
- Configure and optimize L3 routing (OSPF/BGP/Static), L2 switching (STP/RSTP, EtherChannel, VLANs), and QoS.
- Deploy and maintain firewalls/UTM (zones, NAT, ACLs, VPN/IPsec/SSL, IDS/IPS), NAC/802.1X, and WAF (where applicable).
- Implement SDWAN policies, sitetosite VPNs, and P2P/private links; ensure SLA, latency, and jitter are within targets.
- Own complex wireless designs (WPA2/WPA3Enterprise, roaming, RF planning) and PoE switching.
- Lead major incident response; perform deep packet analysis; drive root cause analysis and permanent fixes.
- Plan and execute change management (maintenance windows, rollback plans, impact analysis).
Security & Compliance
- Enforce least privilege, microsegmentation, and Zero Trust principles; maintain network security baselines.
- Coordinate vulnerability remediation, firmware lifecycle, cert renewal, and audit evidence.
DR, Resilience & Performance
- Validate DCDR runbooks for network failover; test replication QoS and path diversity.
- Maintain BGP failover, IP SLA/track, and performance baselines (latency, throughput, loss).
- Capacity planning for links and devices; forecast 35 year growth.
Automation & Observability
- Manage NMS/APM/NetFlow/IPAM; create dashboards, alerts, and monthly SLA reports.
Governance & Collaboration
- Produce SOPs, KEDB, and RCA documents; mentor L1/L2 teams.
- Work with system, security, and application teams on projects (ERP cutovers, AD changes, DR drills).
Required Skills & Experience
Technical (musthave)
- Routing: OSPF, BGP, route redistribution, policybased routing, ECMP, HSRP/VRRP/GLBP.
- Switching: VLANs, trunking, STP variants, LACP, QoS, port security, multicast (PIM/IGMP).
- Firewalls/UTM: Zones, NAT, ACLs, VPN (IPsec/SSL), IDS/IPS, app control; exposure to Cisco/Checkpoint/Fortinet/Palo Alto.
- Wireless: Controllerbased WiFi, WPA2/WPA3Enterprise, RADIUS/802.1X, RF optimization.
- Tools: Wireshark, NetFlow/sFlow/IPFIX, NMS (SolarWinds/PRTG), IPAM/DNS/DHCP.
- Platforms: Cisco IOS/NXOS, HPE/Aruba, Fortinet/Palo Alto.
- Protocols: TCP/IP, DNS/DHCP, NTP, SNMPv3, SSH, TLS, RADIUS/TACACS+.
Experience
- 710 years in enterprise networking with L3 ownership of incidents/changes.
- Proven delivery of DCDR interconnect, ISP multihoming, and campus/branch rollouts.
Education & Certifications (preferred)
- Bachelor's in IT/Computer Science (or equivalent).
- CCNP Enterprise/Security, Aruba ANCP, Fortinet NSE4+, Palo Alto PCNSE (any mix).
Soft Skills
- Strong documentation and stakeholder communication.
- Ability to lead war rooms, mentor, and coordinate crossfunctional teams.
- Analytical mindset with a focus on RCA and prevention.
Working Conditions
- Oncall rotation for P1 incidents; planned maintenance windows (nights/weekends as needed).
- Travel to DC/DR/campus locations for installations and DR drills.
NicetoHave (roleadjacent)
- Experience with MPLS/EVPN/VXLAN, overlay networks, or microsegmentation tools.
- Exposure to cloud networking (Azure/AWS VNet/VPC, VPN Gateways, ExpressRoute/Direct Connect).
- Scripting for config audits, backup/restore, and compliance reports.
- Work experience in ISO standard DC.
Location: Kolkata - EMBI - A. J. C. Bose Road, Kolkata, West Bengal, India
