2,614 Open roles
98 Companies
54 Posted today
Jobs / BrainRocket / Senior Network Engineer
Posted 2026-05-20

Senior Network Engineer

Description

The Corporate IT department is seeking a Senior Network Engineer to design, implement, and own the reliability of our corporate network infrastructure. You’ll work in a dynamic and fast‑moving environment where priorities can shift quickly — flexibility, ownership, and problem‑solving under changing conditions are key to success.

Responsibilities
  • Architect and maintain corporate network infrastructure using MikroTik, UniFi, and Fortinet. Design and operate HA topologies with VRRP and Fortinet HA (active-passive and active-active clusters).
  • Own the routing and switching stack: BGP, OSPF, VLANs, QoS, Multi-ISP load balancing and traffic-shaping policies.
  • Apply Infrastructure-as-Code principles across the entire network device estate — all configurations are defined in code (Ansible,Terraform ,etc), stored in version control, and reproducible on demand, with no manually managed devices.
  • Design, deploy, and continuously optimise Wi-Fi across UniFi and Fortinet FortiAP environments. Perform deep RF analysis: channel planning, power tuning, roaming optimisation (802.11r/k/v), and interference mitigation.
  • Implement and maintain WPA3-Enterprise authentication with RADIUS and EAP-TLS. Own certificate lifecycle for EAP-TLS in close collaboration with the Endpoint Engineer who manages device-side MDM provisioning.
  • Troubleshoot complex wireless issues end-to-end — from RF captures and supplicant logs to RADIUS debug and switch-port traces.
  • Implement and maintain 802.1X port-based authentication for wired endpoints across the corporate environment. Design and enforce granular VLAN segmentation aligned to user roles, device types, and trust levels.
  • Manage RADIUS policies for wired authentication and integrate with identity providers (Okta IdP) for dynamic VLAN assignment and CoA.
  • Operate and scale VPN infrastructure across WireGuard (site-to-site), OpenVPN (remote access), and GlobalProtect (Palo Alto).
  • Integrate VPN gateways with RADIUS and identity providers for MFA-enforced authentication. Define and enforce firewall policy, split tunnelling, and RBAC-driven access segmentation.
  • Build and own network observability: SNMP, NetFlow/sFlow, syslog pipelines, and dashboards in Grafana / VictoriaMetrics.
  • Define alerting thresholds, on-call runbooks, and postmortem processes. Lead resolution of P1/P2 network incidents and drive permanent root-cause fixes.
  • Develop Python-based tooling for network management tasks: configuration rendering, compliance checks, bulk changes, and operational reporting.
  • Write and maintain reusable scripts that integrate with network APIs and Git-based configuration workflows.
  • Cooperate with DevOps, Security, Identity, and Endpoint Engineering teams to align workflows and support cross-functional goals. Stay adaptable — priorities may shift rapidly as new critical initiatives arise.
  • Create and maintain technical documentation; share best practices and mentor teammates on network automation and IaC culture.
Requirements
  • 5+ years in network engineering or infrastructure roles.
  • Advanced knowledge of MikroTik RouterOS: routing, firewall, scripting, and CHR.
  • Expertise with Ubiquiti UniFi: controller management, RF tuning, and L3 adoption.
  • Expertise with Fortinet FortiGate: HA configuration, policy management, and FortiAP.
  • Proven experience with VRRP and multi-vendor HA failover design.
  • Solid IaC background applied to network devices: Ansible, Terraform, or equivalent, with Git-based change management.
  • Hands-on experience with 802.1X wired authentication and dynamic VLAN assignment via RADIUS.
  • Deep wireless troubleshooting skills: RF captures, supplicant debugging, EAP-TLS tracing, and roaming analysis.
  • Solid VPN experience covering WireGuard, OpenVPN, and GlobalProtect.
  • Working knowledge of Python for network automation and management tooling.
  • Familiarity with RADIUS integration with identity providers (Okta, Entra ID, or equivalent).
  • Strong monitoring and observability skills: SNMP, NetFlow, syslog, and dashboarding.
  • Excellent troubleshooting, communication, and cross-team collaboration skills.
  • Comfortable working in a fast-paced, ever-changing environment with shifting priorities.
Benefits
  • Learning and development opportunities and interesting, challenging tasks
  • Official employment in accordance with the laws of Poland and the EU, registration of family members
  • Relocation package (tickets, staying in a hotel for 2 weeks)
  • Opportunity to develop language skills and partial compensation for the cost of language classes
  • Birthday celebration present
  • Time for proper rest and 20 working days of Annual Vacation
  • Office snacks and refreshments
  • Sports package to support a healthy lifestyle
  • Comprehensive medical insurance for you and your partner
  • Comfortable office with great facilities in a prime location
  • Exciting corporate events, team-building activities, and international company parties