Senior Network Engineer
Aitheras
Full-time
On-site
New York City, New York, United States
IT & Support
Senior Network & Security Engineer
Location: New York Tri-State Area (NYC / Northern NJ / Fairfield–Westchester CT)
Work Model: Hybrid — 3 days on-site at primary data-center campus in Midtown Manhattan or Secaucus, NJ; 2 days WFH.
Clearance: None required, but ability to pass a Tier 2 public-trust background check is a must.
Travel: < 10 % (regional PoP / DR-site visits)About Us
AITHERAS, LLC is a customer-focused IT consulting firm delivering cost-effective, mission-critical solutions since 2002. We specialize in Data Analytics, Cloud Computing, IT Engineering, Application Development, and Cyber Security. Based in Rockville, MD, we’re ISO 9001:2015 certified, an SBA-designated Small Business, and an MBE-certified firm by MDOT. We partner with over 100 clients to create scalable, innovative solutions that drive success.What You’ll Do
Must-Have Qualifications
Location: New York Tri-State Area (NYC / Northern NJ / Fairfield–Westchester CT)
Work Model: Hybrid — 3 days on-site at primary data-center campus in Midtown Manhattan or Secaucus, NJ; 2 days WFH.
Clearance: None required, but ability to pass a Tier 2 public-trust background check is a must.
Travel: < 10 % (regional PoP / DR-site visits)About Us
AITHERAS, LLC is a customer-focused IT consulting firm delivering cost-effective, mission-critical solutions since 2002. We specialize in Data Analytics, Cloud Computing, IT Engineering, Application Development, and Cyber Security. Based in Rockville, MD, we’re ISO 9001:2015 certified, an SBA-designated Small Business, and an MBE-certified firm by MDOT. We partner with over 100 clients to create scalable, innovative solutions that drive success.What You’ll Do
| % Time | Responsibility |
| 40 % | Design & Implementation – Build and migrate segmentation zones, VRFs, and BGP/OSPF fabrics across Cisco Nexus 9K, Juniper QFX/MX, and Palo Alto PA-Series. |
| 25 % | Security & Visibility – Stand up TACACS+/Cisco ISE for AAA, integrate flow telemetry into Cisco Secure Network Analytics (StealthWatch), deploy taps/SPANs/Gigamon, and tune IDS/IPS policies for OT & IT. |
| 15 % | Automation – Write and maintain Python/Ansible/Terraform pipelines (pyATS, Nornir, Jinja2) for golden-config generation, compliance drift detection, and CI/CD-based push-button rollouts. |
| 10 % | Operations & Incident Response – Serve as L3 escalation and join a 1-week-per-6 on-call rotation; own post-mortems and MTTR metrics. |
| 10 % | Documentation & Mentoring – Produce HLDs/LLDs, MOPs, and runbooks; coach junior engineers toward CCNP/PCNSE. |
- 8+ years progressive experience in enterprise or service-provider networking.
- Deep expertise configuring and troubleshooting BGP, OSPF, static routing, VRFs, VXLAN-EVPN.
- Hands-on with Cisco Catalyst/Nexus & ASA/FTD, Juniper EX / QFX / MX, and Palo Alto NGFWs (Pan-OS 9/10).
- Solid command of AAA (TACACS+, RADIUS) and production deployments of Cisco ISE or equivalent.
- Practical experience deploying or operating flow-analytics / tap infrastructure (StealthWatch, Gigamon, NetFlow/IPFIX, SPANs).
- Comfort writing Python and Ansible playbooks; git-based workflows (GitLab/GitHub, CI pipelines).
- Familiarity with network IDS/IPS (Snort, Zeek, Palo Alto Threat Prevention) and SIEM workflows (Splunk, QRadar).
- Ability to create HLD/LLD diagrams in Visio or draw.io and present them to technical & business leadership.
- U.S. work authorization and ability to commute to NYC area 3× week.
- CCNP Enterprise/Security, PCNSE, JNCIS-ENT/Sec, or CCIE (R&S / Enterprise).
- Cisco Secure Network Analytics design experience (flow collector sizing, policy tuning).
- Prior exposure to industrial / OT networks (NIST 800-82, Purdue Model, SCADA segmentation).
- AWS or Azure Advanced Networking certification; Transit Gateway design experience.
- Experience with F5 LTM/GTM or Citrix ADC in low-latency trading or fintech environments.
- Source-of-truth & intent platforms (NetBox, Nautobot), RESTful API development, or Go/Rust scripting.
- Base Salary: FTE: 135K-140K or $90-$100 C2C/1099
- FTE Benefits: 100 % employer-paid medical / dental / vision, 401(k) 5 % match, ESPP
- FTE Training: $3 k annual cert stipend, paid time for labs & conferences (Cisco Live, Palo Alto Ignite)