Description Under the direction of the Manager of IT Network Engineering, the Principal Network Engineer is responsible for the configuration, implementation and support of network firewalls, network routers/switches, network software, daily operational incidents, service request tickets, network break/fix support, incident and technical escalations, network maintenance and maintenance support. The Principal Network Engineer's role functions also include, but are not limited to enterprise project deliverables, project tasks, project documentation, build, installation, performance monitoring, optimization, troubleshooting and maintenance of a variety of systems of the network. This is a principal level role, specializing in advanced level network infrastructure design and network security solution delivery. In this role, you will: + Perform deployments of Next-Generation firewalls, firewall technologies and related security controls. + Configure firewall security rules and security policies as they pertain to project and security control deployments. + Implement and maintain robust security measures to safeguard the network against unauthorized access, cyber threats, and data breaches. + Design and enforce network access controls, firewalls, intrusion detection/prevention systems, and other security mechanisms. + Collaborate with cross-functional teams to ensure seamless deployment of network solutions. + Oversee network upgrades and migrations to minimize disruptions to the organization's operations. + Monitor network performance and proactively identifying and resolving bottlenecks, latency issues, and other performance-related problems. + Conduct regular network assessments and capacity planning to ensure optimal network performance. This flexible hybrid role allows for a blend of remote and on-site work, requiring presence on-site on an as-needed basis and within 2 hours of being asked to come on site to our corporate offices in Los Angeles. Please note, travel to the 'home office' location is not reimbursed. Each employee will complete a FlexWork Agreement with their manager to outline expectations and ensure mutual understanding. These arrangements are periodically reviewed and may be adjusted or terminated as necessary. Salary offers are based on a variety of factors including qualifications, experience, and internal equity. The full salary range for this position is $112,900 - $256,900 annually. The University anticipates offering a salary between the minimum and midpoint of this range. Qualifications Bachelor or Master degree in Computer Science, Information Systems, Electronics Engineering or a related field, and three years of experience, or an equivalent combination of education and experience. 7 Years+ experience in Information Technology IT Network Principal Network Firewall Engineer related products: + Cisco - Constant + Aruba -- Constant + Palo Alto - Constant + Netscout - Constant + Azure/AWS - Occasional + UNIX - Occasional Required Skills/Knowledge/Abilities: 1. Ability to analyze complex end-user business needs and devise effective cost efficient recommendations. 2. Demonstrated ability to write clear, precise, detailed, comprehensive, and grammatically correct letters, memos, reports, policies and procedures. 3. Interpersonal skills to work effectively with staff, faculty and administrators. 4. Ability to work effectively in spite of frequent interruption and competing priorities. 5. Demonstrated ability to work both independently and in team-oriented environment, to follow through on assignments with minimal direction, and to independently prioritize work. 6. General knowledge of relevant policies and procedures. 7. Ability to research and test new technologies and processes 8. Knowledge of DNS, DHCP, IP, ARP, UDP and TCP/IP 9. Hands-on data networking skills required including; IP & Ethernet routing and switching based network design, testing and implementations with in-depth knowledge of the OSI seven layer model and in depth familiarity with industry protocols including OSPF, HSRP, EIGRP, BGP, UDP, TCP/IP, Multicast, 802.1x, IPSec, Radius, TACACS10. Experience in using network protocol analyzers and sniffers such as WireShark, Fluke tools and the ability to decipher packet captures 11. Experience and knowledge of IEEE 802.11 wireless standards and Aruba wireless controllers 12. Support systems for network management including a working knowledge of Voice technologies. IP switching and routing architectures supporting VoIP and ISP services 13. Proficiency working with VLAN, VRF, HSRP, Port Security, Traffic Shaping, Priority Queuing, Class of Service (CoS) 14. An understanding of different cabling types: Multimode fiber, single-mode fiber, LC versus SC, 10/100/1000BaseX, Cat5, Cat5e, Cat6, RJ45 15. Experience using troubleshooting tools: traceroute, ping, mtr, nmap, netstat, ipconfig/ifconfig, iperf 16. Understand and apply IT Engineering Lifecycle methodology and practices 17. Ability to communicate the status of various systems to management and/or support personnel. 18. Ability to prioritize and execute tasks in a high-pressure environment 19. Ability to prioritize and organize work assignments UCLA Health welcomes all individuals, without regard to race, sex, sexual orientation, gender identity, religion, national origin or disabilities, and we proudly look to each person’s unique achievements and experiences to further set us apart.