Network Engineer IV at CBTS

, , United States -

Full Time

Start Date

Immediate

Expiry Date

03 Jun, 26

Salary

137000.0

Posted On

05 Mar, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Fortinet Sase, Fortigate, Secure Sd-wan, Tier-3 Escalation, Ztna, Swg, Fwaas, Bgp, Ospf, Aws, Azure, Gcp, Python, Ansible, Terraform, Snmp

Industry

IT Services and IT Consulting

Description

The Network Engineer IV – Fortinet/FortiSASE is a senior technical engineer and Fortinet subject‑matter expert responsible for the 24×7 operational support and optimization of enterprise FortiSASE and FortiGate Secure SD-WAN, within a Managed Services (MS) and Network‑as‑a‑Service (NaaS) environment. This role serves as a Tier‑3 escalation engineer, supporting complex customer environments across hybrid, cloud, and global networks, while maintaining strong multi‑vendor networking fundamentals and supporting adjacent SASE and SD‑WAN platforms as required. The engineer directly influences customer satisfaction, service quality, and incident resolution outcomes, and collaborates closely with Managed Services Security, Managed Services Network, Engineering, Presales Architecture, Product, and Service Management teams. Key Responsibilities 24×7 Operations & Tier‑3 Escalation Participate in a 24×7 on‑call rotation as a Tier‑3 escalation engineer for Fortinet network stack with a focus on Fortinet Secure SD-WAN and FortiSASE.. Troubleshoot and resolve complex issues across: FortiGate Secure SD-WAN control and data planes FortiSASE (ZTNA, SWG, FWaaS) IPsec/ SSL VPN, BGP, NAT, and firewall policy enforcement Lead high‑severity incident response, customer communications, and root cause analysis (RCA). Act as a technical escalation point during major outages. Fortinet/ SASE Engineering & Lifecycle Management Lead support Fortinet/FortiSASE architectures, including: Fortinet SD‑WAN branch and hub designs Fortigate/FortiSASE for ZTNA, SWG, and FWaaS Own the full service lifecycle: Customer onboarding Change management Platform upgrades and migrations Decommissioning Validate and enforce: Security policies Routing and segmentation strategies High availability and resiliency standards Routing, SD‑WAN & Cloud Networking Support advanced routing implementations: BGP (required) including policy control, filtering, and failover OSPF Enable and support hybrid and cloud connectivity: AWS (VPC, Transit Gateway) Azure (vNET, vWAN, ExpressRoute) Google Cloud Platform (VPC) Ensure optimized traffic steering, SLA adherence, performance, and application visibility. Security & Zero Trust Networking Support: Zero Trust Network Access (ZTNA) Secure Web Gateway (SWG) Cloud‑delivered firewall policies (FWaaS) Integrate FortiGate/FortiSASE with: Identity providers (SAML, MFA) Remote and mobile user access models Partner with security teams to align network enforcement with enterprise security posture. Automation, Tooling & Operational Maturity Contribute to automation and standardization using: APIs, Python, Ansible, or Terraform (preferred) Improve observability through: Fortinet dashboards Monitoring platforms (e.g., LogicMonitor, SNMP, API‑based telemetry) Develop and maintain: SOPs and operational runbooks Troubleshooting and escalation guides Service readiness documentation for new Prisma releases Mentor Tier‑1 and Tier‑2 engineers. Collaborate with Architecture, Product, and Service Management teams to evolve the Prisma SASE managed offering. Required Technical Skills Prisma SASE (Core Focus) Hands‑on expertise with: FortiGate Secure SD-WAN FortiSASE Strong understanding of: Cloud‑delivered security architectures SD‑WAN overlays, underlays, and service insertion models Traffic steering and policy enforcement Networking Fundamentals Advanced WAN and routing expertise: BGP (required) OSPF Strong knowledge of: High availability and redundancy design QoS and application‑aware routing NAT and firewall concepts TCP/IP and dynamic routing protocols Multi‑Vendor Networking Awareness Experience with one or more of the following (Prisma remains the primary focus): Fortinet Secure SD‑WAN / FortiSASE Cisco SD‑WAN, Meraki Arista VeloCloud Juniper Mist / SSR Ability to translate architectures and concepts across vendors Qualifications & Experience 10+ years of hands‑on network engineering experience. Strong experience with configuration and support of: Routers, switches, firewalls, hubs, and WAN infrastructure Experience with hardware and software firewalls: Palo Alto, Fortinet, Check Point Prior experience in network design or sales engineering is a plus. Proficiency with: Network monitoring and performance analysis tools Visio for detailed network diagrams Familiarity with: Wireless technologies and site surveys Security intelligence sources (e.g., CERT, BugTraq) Fortinet FCP-SASE required. Fortinet NSE 6-SASE or higher SASE track highly recommended. Cisco certifications (CCNP or CCIE) highly recommended. #LI-PK1 #LI-REMOTE #LI-NETWORKENGINEER Due to U.S. Government requirements applicable to foreign-owned telecommunications providers, non-US citizens may be required to submit to an extensive government agency background check which will necessitate disclosure of sensitive Personally Identifiable Information.

Responsibilities

This senior role involves 24x7 operational support and Tier-3 escalation for enterprise Fortinet Secure SD-WAN and FortiSASE environments, focusing on troubleshooting complex issues across control and data planes, VPNs, routing, and firewall policies. Key duties also include leading the full service lifecycle for Fortinet/FortiSASE architectures, managing onboarding, changes, upgrades, and enforcing security and routing standards.