Job Description :: Network Engineer at Irvine, California (face to face interview)
Rajat Kumar
Hi,
Please share resume if comfortable in the job description mentioned below:
Title: Network Engineer
Location : Irvine, California (face to face interview)
Duration : 6+ Months
PROJECT OVERVIEW
This initiative modernizes network architecture across corporate offices, branch locations, and manufacturing plants. The work includes standardizing LAN and edge designs, upgrading firewall platforms, simplifying IT/OT segmentation, and migrating to Prisma SD‑WAN. Execution will be performed by two onsite deployment teams working in parallel.
ARCHITECTURE OB JECTIVES
Redesign LAN architecture using a standardized core/distribution/access model.
Improve scalability by moving select VLAN gateways from firewalls to core switch SVIs.
Simplify and optimize OT network segmentation with dedicated IT and OT core switching.
Standardize edge infrastructure using next‑generation firewalls and Prisma SD‑WAN.
Replace legacy PA‑440 firewalls with PA‑1420 platforms.
Simplify IT/OT segmentation by reducing firewall zone complexity and enabling dynamic routing.
SCOPE OF WORK
Firewall Upgrade (PA‑440 → PA‑1420)
Rack, cable, and power new firewalls.
Migrate configurations (zones, policies, NAT, VPNs, routing).
Validate functionality and decommission legacy units.
LAN Gateway Migration (Firewall → Core Switch SVIs)
Configure VLANs and SVIs on IT/OT core switches.
Update routing on firewalls and SD‑WAN.
Validate inter‑VLAN routing and application connectivity.
SD‑WAN Migration (VeloCloud → Prisma SD‑WAN)
Rack and provision ION devices.
Migrate WAN circuits and validate tunnels, policies, and failover.
Decommission VeloCloud equipment.
Onsite Deployment Responsibilities
Rack/stack, cabling, and physical connectivity.
Device staging and readiness checks.
Cutover execution during maintenance windows.
Post‑cutover validation and issue remediation.
DEPLOYMENT MODEL
Two onsite teams, each with two engineers.
Parallel execution across multiple sites.
Standardized templates, checklists, and repeatable build–test–cutover process.
TESTING & VALIDATION
Firewall policy and health checks.
LAN gateway and routing verification.
IT/OT segmentation testing.
SD‑WAN tunnel and failover validation.
User, application, and system connectivity testing.
DELIVERABLES
Fully operational PA‑1420 firewalls.
Operational Prisma SD‑WAN connectivity.
Migrated VLAN gateways on core switches.
Updated documentation and diagrams.
Configuration backups.
Site‑level deployment and validation reports.
Final site acceptance sign‑off.
Additional expectations:
Vendor engineers will shadow our internal network team for the first two sites.
After that, vendor teams are expected to execute deployments independently.
Engineers must be fully capable of supporting firewalls, switching, routing, and SD‑WAN.
This role requires 100% travel across multiple plant locations.