Job Title: Network Operations Engineer 1 Yr Contract to Hire

Location: Costa Rica (Remote/Hybrid work model)

Department: Global IT Infrastructure

Reports to: Global Network Manager

Position Overview:

The Senior Network Operations Engineer is a key member of the global network team, responsible for supporting and securing the global enterprise network infrastructure through expert-level troubleshooting, advanced operational support, and automation. This role emphasizes high-level hands-on problem resolution, network health, and configuration integrity. Candidates should bring deep experience troubleshooting Cisco platforms (including FTD, SD-WAN, Catalyst WiFi, Firepower, and ISE), strong scripting skills for automation, and a proactive mindset toward network reliability and performance.

Key Responsibilities:

Advanced Troubleshooting & Support

• Serve as Tier 2/3 escalation point for complex network issues across Cisco Firepower Threat Defense (FTD), SD-WAN, Catalyst WiFi, and VPN platforms.
• Troubleshoot secure WiFi connectivity, including EAP-TLS authentication integrated with Cisco ISE for profiling and posturing.
• Identify and resolve remote access and site-to-site VPN issues, particularly those involving ASA, Firepower and ISE integration.
• Collaborate with global and regional teams to isolate and resolve WAN, LAN, and wireless issues.
• Deep troubleshooting of fundamentals such as routing protocols such as EIGRP and BGP, Layer 2 port security and OSI L1-L4 troubleshooting.
• Provide 24x7 on-call support rotation for high-severity incidents and outages.

Deployment, Maintenance & Operations

• Configure and maintain Cisco FTD appliances in Cloud Firepower Management Center (FMC).
• Support SD-WAN deployments, template updates, device registration, and custom control and data policy troubleshooting.
• Ensure uptime and performance of Cisco Catalyst wireless environments.
• Manage hardware lockdown, software upgrades, and patching of network infrastructure.
• Administer and maintain VPN environments (IPSec, RA-VPN), access control lists (ACLs), and failover configurations.

Automation & Scripting

• Develop and maintain Python scripts for routine configuration tasks and operational checks using network device APIs (REST, JSON).
• Leverage scripting to automate monitoring, config backups, audits, and reporting.
• Partner with architecture and security teams to deploy automated workflows aligned with global standards.

Configuration & Performance Management

• Use SolarWinds and other tools for ongoing monitoring, configuration management, and proactive alerting.
• Conduct regular audits and fine-tuning of FTD firewall policies and VPN access rules.
• Manage configuration backups and implement approved changes through the change management process.
• Maintain compliance with security policies and audit requirements.

Collaboration & Knowledge Sharing

• Provide remote guidance and support to market-level network engineers during on-site tasks.
• Create and update documentation for operational procedures, remote support processes, troubleshooting guides and physical and logical network diagrams using Visio.
• Conduct knowledge-sharing sessions and training for regional analysts on tools and procedures relevant to their environments.
• Assist with ISP and external provider escalations as needed.

Tool Ownership

• Administer key infrastructure platforms, including:
• Cisco Defense Orchestrator (CDO)
• Firepower Management Center (FMC)
• Cisco Security Manager (CSM)
• Cisco Identity Services Engine (ISE)
• SolarWinds (monitoring/config management)
• CSPC / Cisco SMARTNET Total Care
• Extended Detection and Response (XDR) platforms
• Custom automation scripts and Python environments

Qualifications:

• Bachelor’s degree in Computer Science, Information Technology, or equivalent experience.
• 5+ years of experience in global enterprise network operations and troubleshooting.
• Deep hands-on expertise with:
• Cisco Firepower Threat Defense (FTD)
• Cisco SD-WAN (vManage, vBond,
• Cisco Catalyst WiFi (including 9800 series controllers)
• Cisco Identity Services Engine (ISE)
• EAP-TLS authentication and secure WiFi integration
• Site-to-Site and Remote Access VPNs on Firepower
• Extended Detection and Response (XDR).
• Proficient in Python scripting and use of APIs for network automation.
• Experience with network monitoring tools (SolarWinds or similar).
• Strong understanding of TCP/IP, routing, switching, and firewall concepts.
• CCNP or equivalent certification required; Cisco Certified Specialist (Security or Wireless) or DevNet Associate a plus.
• Strong documentation and communication skills with the ability to collaborate across time zones.