Network Engineer

Key Responsibilities

  • Design, implement, and optimize FortiGate‑based SD‑WAN (business intent overlays, SLA policies, application steering, local breakout).
  • Engineer and maintain firewall security: zones, objects, policies, NAT (central NAT), UTM profiles, SSL inspection, IPS/DoS policies, logging.
  • Plan and deploy site‑to‑site VPNs (route/policy‑based), IPsec HA, and hub‑and‑spoke topologies alongside Internet/MPLS underlays.
  • Lead campus switching design: STP/RSTP/MST, VLANs, link aggregation (LACP/EtherChannel), access control, QoS marking, storm control.
  • Build L3 segmentation (VRFs), inter‑VLAN routing, and east‑west policies across access/distribution with clear zone models.
  • Implement high availability: FortiGate A‑P/A‑A clusters, dual‑homed uplinks, first‑hop redundancy (VRRP/HSRP/GLBP as applicable).
  • Create and maintain network documentation: HLD/LLD, diagrams, IP addressing, security baselines, SOPs, and migration runbooks.
  • Establish monitoring & telemetry: SNMP, NetFlow/IPFIX, Syslog, SOC/SIEM integration; define alerting thresholds & runbooks.
  • Drive capacity planning, performance tuning, and proactive lifecycle management (firmware, images, templates).
  • Collaborate with security, apps, and infra teams for change planning, DR/BCP, and audit/compliance requirements.
  • Contribute to automation (nice‑to‑have): Ansible/Terraform/Git pipelines for config templates, compliance checks, and push operations.
  • Provide Tier‑3/4 escalation support and participate in on‑call as needed.
