IT Network Engineer (Permanent – Onsite – Los Angeles, CA)

A prominent organization within the Computer and Mathematical industry is actively seeking a highly skilled and dedicated IT Network Engineer (Permanent – Onsite – Los Angeles, CA) to bolster their core network infrastructure team. This permanent position, based onsite in Los Angeles, California (near Ladera Heights), is crucial for ensuring the agency’s network connectivity remains highly available, reliable, and secure across all operations. The ideal candidate will possess a deep technical understanding, a proactive approach to network management, and a commitment to maintaining robust and secure digital infrastructure.

IT Network Engineer (Permanent – Onsite – Los Angeles, CA)

Location: Los Angeles, CA (near Ladera Heights) – This is a Permanent, Onsite role, requiring daily presence at the designated facility.

Employment Type: Permanent

Salary: $100,000 – $120,000 yearly, depending on experience (DOE)

Industry: Computer and Mathematical

What We’re Looking For: Role Overview and Core Focus

We are seeking a seasoned Information Technology (IT) Network Engineer who will be the cornerstone of supporting and enhancing the agency’s vital network infrastructure. The core mission of this role is to meticulously ensure that network connectivity is not only consistently available but also operates with unwavering reliability and uncompromised security. This position demands a hands-on expert capable of managing complex network environments across diverse locations.

Key Duties and Responsibilities: Driving Network Stability and Security

As an IT Network Engineer, your responsibilities will span the full lifecycle of network management, from configuration and security implementation to monitoring, troubleshooting, and continuous optimization. Your daily tasks will include:

• Comprehensive LAN/WAN Network Infrastructure Management: You will be directly responsible for managing the agency’s entire LAN/WAN (Local Area Network/Wide Area Network) network infrastructure across all remote sites. This includes overseeing the connectivity, performance, and health of both local office networks and the links that connect them to central data centers and other remote locations, ensuring seamless communication and data flow across the entire organizational footprint.
• Router and Switch Configuration for Reliable Operations: You will expertly configure routers and switches to ensure highly reliable network operations within the primary data centers and across all remote sites. This involves meticulous setup of routing protocols (e.g., OSPF, EIGRP, BGP), VLANs, STP, EtherChannel, QoS policies, and other advanced features to optimize traffic flow, ensure redundancy, and maintain network stability even under heavy loads or in the event of component failures.
• Management and Security of Agency WiFi Systems: You will take charge of managing and rigorously securing the agency’s WiFi systems. This encompasses designing secure wireless architectures, configuring wireless access points (APs) and wireless LAN controllers (WLCs), implementing robust authentication mechanisms (e.g., RADIUS, 802.1X), segmenting wireless networks for guest and corporate access, and continuously monitoring for unauthorized access or vulnerabilities to ensure highly secure and reliable wireless connectivity.
• Firewall Management for Infrastructure Security: A critical duty will be to comprehensively manage all network firewalls to secure the infrastructure from potential security breaches. This involves configuring firewall rules, policies, and VPNs (Virtual Private Networks) to control incoming and outgoing network traffic, prevent unauthorized access, and establish secure tunnels for remote connectivity, thereby creating robust security perimeters around the agency’s valuable data and systems.
• Implementation of IPS, IDS, and Port Security: You will be responsible for implementing IPS (Intrusion Prevention Systems), IDS (Intrusion Detection Systems), and port security measures to actively prevent unauthorized access to the network. This includes configuring and monitoring these systems to detect and block malicious traffic, identify suspicious activities, and restrict device access to network ports, thereby adding multiple layers of defense against internal and external threats.
• Monitoring, Troubleshooting, and Addressing Network Issues: You will continuously monitor, troubleshoot, and proactively address all network-related issues. This involves utilizing network monitoring tools to track performance metrics, respond to alerts, analyze network traffic patterns, and conduct deep-dive diagnostics to pinpoint root causes of connectivity problems, performance bottlenecks, or system outages, ensuring rapid resolution and minimal disruption to services.
• Design, Implementation, and Enforcement of Network Segmentation: You will play a key role in the design, implementation, and enforcement of network segmentation and security perimeters. This involves logically dividing the network into isolated segments based on security requirements (e.g., separating user networks from server farms, or critical operational networks from general IT infrastructure) to limit the lateral movement of threats and minimize the impact of potential breaches.
• Implementation of Network Monitoring Tools for Bottleneck Detection: You will implement and optimize various network monitoring tools specifically designed to detect bottlenecks and performance degradation. This includes configuring SNMP, NetFlow/sFlow, syslog, and other telemetry data collection methods, setting up alerts, and creating dashboards to provide real-time visibility into network health, bandwidth utilization, latency, and packet loss, enabling proactive optimization.
• Firmware Upgrades, Patching, and Hardware Maintenance: You will systematically upgrade firmware, apply patches, and keep all network hardware up-to-date with the manufacturer’s recommended code. This ensures that network devices benefit from the latest security enhancements, bug fixes, and performance improvements, reducing vulnerabilities and maximizing hardware stability and longevity.
• After-Hours Project Support and Escalation: You will provide essential after-hours project support for planned network changes, upgrades, or deployments that must occur outside of normal business hours to minimize impact. Additionally, you will serve as a point of escalation for critical network issues that arise after hours, demonstrating commitment to network availability around the clock.
• Perform Other Duties as Assigned: You will be flexible and willing to perform other duties as assigned that fall within the scope of network engineering and support, contributing to the overall success of the IT department and the agency.

Required Experience: Your Professional Background

To be successful in this IT Network Engineer role, you must possess a strong foundation of practical, hands-on experience in various aspects of network engineering within a similar enterprise environment.

• Network Engineer Experience (5+ years): A minimum of 5 years of verifiable experience as a network engineer in an environment comparable to that of a large agency or enterprise is required. This demonstrates a seasoned professional capable of handling diverse network challenges.
• Router and Layer 3 Switch Support (3+ years): You must have a minimum of 3 years of dedicated experience supporting Routers and Layer 3 switches. This includes extensive hands-on configuration, troubleshooting, and optimization of these devices, which are critical for routing traffic and managing VLANs across complex networks.
• Next-Generation Firewall Management (3+ years): A minimum of 3 years of experience managing next-generation firewalls is essential. This signifies expertise in advanced firewall features such as application control, intrusion prevention, deep packet inspection, and robust security policy management.
• WiFi Standards Support (3+ years): You must possess a minimum of 3 years of experience supporting WiFi Standards including 802.11n, 802.11ac, and 802.11ax. This demonstrates proficiency in deploying, managing, and troubleshooting modern wireless networks, understanding their capabilities and performance characteristics.
• Network Segmentation and Security Implementation (3+ years): A minimum of 3 years of experience implementing network segmentation and security measures is required. This highlights your practical knowledge in designing and deploying secure network architectures to isolate systems and prevent unauthorized access or lateral movement of threats.

Education and Certifications: Academic and Professional Acumen

To further solidify your qualifications, the ideal candidate will possess a blend of formal education and industry-recognized certifications.

• Bachelor’s Degree and Work Experience: A Bachelor’s Degree from an accredited university is required, complemented by 5-7 years of verifiable relevant work experience. This combination ensures both a strong theoretical foundation and practical application of knowledge in real-world network environments.
• Technical Certifications: Possession of valuable Technical Certifications is highly desirable, demonstrating specialized knowledge and commitment to the field. This includes certifications such as CompTIA Network+ (validates foundational networking skills), Cisco CCNA (Cisco Certified Network Associate), and Cisco CCNP (Cisco Certified Network Professional) (confirming advanced Cisco routing and switching expertise), and ECMS (Extreme Networks Certified Switching & Routing Specialist) or similar vendor-specific certifications.

Core Competencies: Essential Knowledge and Skills

Beyond specific experiences, your success in this role will be driven by a set of core competencies that enable effective network management and problem-solving.

• Deep Knowledge of Core Networking Concepts: You must possess knowledge and practical experience with TCP/IP (Transmission Control Protocol/Internet Protocol), including advanced subnetting concepts, various routing protocols (e.g., OSPF, EIGRP, BGP), VLANs (Virtual Local Area Networks) for network segmentation, and configuring site-to-site VPNs (Virtual Private Networks) for secure inter-office connectivity. This fundamental understanding is paramount.
• Complex Network Troubleshooting Expertise: You must have proven experience troubleshooting complex network issues. This extends beyond basic connectivity problems to intricate routing loops, performance bottlenecks, intermittent outages, and multi-protocol interoperability challenges, requiring a methodical and analytical approach.
• Routine Network Maintenance and Optimization: Experience with conducting routine network maintenance and optimization tasks is essential. This includes performing firmware upgrades, configuration backups, log analysis, capacity planning, and implementing adjustments to improve network performance and reliability on an ongoing basis.
• Comprehensive Documentation Development and Maintenance: You must have experience with developing and maintaining comprehensive documentation for network configurations, diagrams, procedures, and troubleshooting guides. This ensures knowledge transfer, operational consistency, and efficient support for the network infrastructure.

If this IT Network Engineer role in Los Angeles, CA, aligns with your robust network engineering experience, passion for security, and commitment to highly available infrastructure, we encourage you to learn more about this exciting permanent opportunity. This is a fantastic chance to join a vital agency and make a direct impact on its critical network systems.

To take the next step in your career and potentially contribute to a secure and reliable network environment, click “Apply Now.” A dedicated recruiter will be in touch with you promptly to discuss this great opportunity in detail, answer any questions you may have, and guide you through the application process. We look forward to connecting with you and exploring how your expertise can make a significant impact!