Senior Network & Firewall Engineer

Senior Network & Firewall Engineer Americaneagle.com is a family-owned web design, development, and digital marketing agency with a passionate belief in the power of technology to positively transform business practices. Our focus is on helping customers grow and achieve success in the digital space. We cover a variety of different industries, including eCommerce, associations & nonprofits, government, healthcare, sports & entertainment, transportation, and more. The company was recently named by Built In Chicago as one of the best places to work and to Inc.com's list of 5000 fastest-growing private companies for the past eight years. We are seeking a Senior Network & Firewall Engineer to design, operate, and secure the network infrastructure that powers both our corporate environment and our website hosting platform. Working directly with the Head of Network Infrastructure, this role is a senior individual contributor responsible for the day-to-day health, scalability, and security of a mixed Juniper and Palo Alto environment supporting internal users, hosted customer workloads, and client-facing engagements. The ideal candidate brings deep, hands-on expertise across Juniper routing and switching and next-generation firewalls from both Juniper and Palo Alto Networks. Equally important is the ability to produce clear, accurate, and durable technical documentation, including runbooks, network diagrams, change records, and customer-facing design artifacts, that allow the broader team and our clients to operate confidently. This person will be a trusted technical voice in architecture discussions, incident response, and client engagements. Responsibilities Design, deploy, and maintain enterprise and hosting network infrastructure built on Juniper routers, including MX/ACX, and Juniper EX/QFX switches, including spine-leaf, top-of-rack, and access layer designs Operate and tune Juniper SRX and Palo Alto Networks firewalls, including Panorama or Strata Cloud Manager management, across perimeter, internal segmentation, and hosting tenant boundaries Configure and troubleshoot dynamic routing, including BGP and

OSPF, MPLS

where applicable, VRFs/virtual routers, VLANs, VXLAN/EVPN, link aggregation, and high-availability clusters Manage IPv4 addressing, DNS integration points, NAT, and traffic engineering for both corporate and multi-tenant hosting environments Plan and execute maintenance windows, code upgrades, including Junos and PAN-OS, and hardware refreshes with minimal customer impact Own the firewall lifecycle including rule design and review, App-ID/URL filtering, threat prevention, decryption, GlobalProtect/SSL VPN, IPsec site-to-site tunnels, and zone-based policy across PAN and SRX Implement and maintain network segmentation between corporate, management, and hosting/production zones in line with security and compliance objectives, including SOC 2 and PCI where applicable Partner with the security team on detection engineering, log forwarding to SIEM/XDR, and response to network-based incidents Conduct periodic firewall rulebase reviews, decommission stale rules, and drive the environment toward least-privilege access Produce and maintain authoritative network documentation, including logical and physical topology diagrams, IP/VLAN allocation registers, firewall zone and policy maps, BGP peering and ASN inventories, and circuit/carrier records Write clear runbooks and standard operating procedures for routine operations, failover scenarios, and incident response Document every significant change through the change management process, including pre-change state, validation steps, and rollback plans Contribute customer-facing technical documentation for RFP responses, design proposals, and post-implementation handoffs Support client-facing engagements as a subject matter expert by joining technical calls, scoping network requirements, and reviewing customer environments where the hosting platform integrates with client networks Participate in an on-call rotation for production network and firewall incidents Required Qualifications 7+ years of progressive experience in network engineering roles, with at least 3 years operating production networks for a hosting provider, ISP, MSP, data center operator, or comparable multi-tenant environment Deep, hands-on expertise with Juniper Junos on routing and switching platforms, including EX, QFX, and MX or ACX Strong production experience with Palo Alto Networks firewalls, including PAN-OS, Panorama and/or Strata Cloud Manager, plus working expertise with Juniper SRX Solid command of BGP and OSPF in real-world topologies, including troubleshooting peering, route policy, and convergence issues Practical experience with NAT, IPsec VPNs, SSL VPN/GlobalProtect, HA clustering, and stateful firewall policy design Demonstrated ability to produce high-quality technical documentation, including diagrams, runbooks, and design documents that other engineers and customers can actually use Comfort working in a structured change management process and operating production-impacting changes during maintenance windows Excellent written and verbal communication skills, including the ability to explain technical concepts to non-technical client stakeholders Preferred Qualifications Industry certifications such as JNCIS/JNCIP/JNCIE, including SP, ENT, or SEC tracks, and PCNSE Experience operating

EVPN/VXLAN

fabrics, MPLS L3VPN, or other service-provider style designs Familiarity with data center interconnect, BGP communities and route policy at scale, and carrier-facing operations Exposure to SOC 2, PCI-DSS, or similar compliance frameworks as they apply to network controls Hosting industry background, including web hosting, managed services, or cloud platform operations Americaneagle.com provides its employees with an energetic work environment and opportunities to further develop their skills. Our dedication to growing our development team is how we can produce excellent sites and applications for our clients. We do all of this while maintaining a family value focus and pushing for a good work-life balance. The US-based salary range for this full-time position is $120,000-$160,000 per year. Within this range, individual pay is determined by job-related skills, experience, and relevant education or training. At Americaneagle.com, we are committed to providing a comprehensive benefits package, a positive work environment, company activities, and more. To see our benefits and what we've been up to, click here!