Cloud Network Security Engineer (Senior/Lead)

Cloud Network Security Engineer (Senior / Lead)

Job Description

Our manufacturing and distribution company operates five manufacturing plants, four distribution warehouses, and multiple sales offices. Our continued success is driven by our commitment to delivering high-quality products, responsive service, and operational excellence across all locations.

As a Cloud Network Security Engineer (Senior / Lead), you will serve as the primary technical leader responsible for the design, security, performance, and reliability of TM Cobb’s enterprise network infrastructure. This includes all Cisco Meraki LAN/WLAN environments, CATO SASE Cloud and Socket deployments, and hybrid connectivity to cloud-hosted IBM iSeries and virtual server environments supporting ERP systems. This role is both strategic and hands-on, requiring leadership of network architecture, cybersecurity enforcement, and mentoring of junior network technicians. You will work closely with Technology leadership and business stakeholders to develop, implement, and maintain secure, scalable, and high-performing network systems across all eight company locations.

Pay range: $75.00 – $100.00 per hour (commensurate with experience)

Duties and Responsibilities

Leadership & Strategy

• Serve as the technical lead and subject matter expert for all network and network security operations. 
• Lead, mentor, and develop junior network engineers and technicians, establishing training paths and best practices. 
• Define and enforce network architecture standards, security policies, and operational procedures. 
• Partner with Technology leadership to align network strategy with business goals, ERP performance, and cloud initiatives. 
• Drive continuous improvement of network performance, security posture, and operational efficiency.

Network Architecture & Engineering 

• Design, implement, and manage enterprise network infrastructure across:
  • Cisco Meraki (switching, wireless, SD-LAN) 
  • CATO Cloud (SASE, SD-WAN, secure internet access)
  • Hybrid cloud connectivity to data centers hosting IBM iSeries and virtual environments 
• Architect secure, scalable WAN connectivity across all locations using CATO Sockets and cloud backbone. 
• Oversee LAN, VLAN, WAN, and wireless network design, segmentation, and optimization. 
• Implement high availability, redundancy, and failover strategies across all network layers.

Security & Compliance

• Lead the implementation of Zero Trust network architecture across all sites and cloud environments.
• Design and enforce network security controls, including:
  • Firewall policies (CATO, Meraki, and cloud-based controls)
  • Secure access policies (ZTNA, SDP alternatives)
  • Network segmentation and micro-segmentation
• Monitor, analyze, and respond to network security threats and vulnerabilities.
• Maintain and improve company security scorecard, compliance posture, and audit readiness.
• Collaborate with security teams on incident response, threat mitigation, and forensic analysis.

Operations & Support

• Provide Level III / senior escalation support for complex network and security issues.
• Oversee network monitoring, alerting, and performance tuning across all environments.
• Manage firmware upgrades, patching, and lifecycle management of network devices.
• Ensure reliable connectivity for business-critical systems, including ERP and cloud services.
• Act as primary liaison with vendors (Cisco Meraki, CATO Networks, ISPs, cloud providers).

Automation & Optimization

• Develop and implement automation solutions for network provisioning, monitoring, and reporting. 
• Optimize network configurations for performance, cost-efficiency, and scalability. 
• Maintain documentation for architecture, configurations, procedures, and disaster recovery.

Disaster Recovery & Business Continuity

• Design and maintain network disaster recovery and failover procedures.
• Ensure resilience of WAN, cloud connectivity, and inter-site communications.
• Conduct testing and validation of recovery plans.

Education

• Bachelor’s degree in computer science, Information Technology, or related field (or equivalent experience)

Certifications (Required / Preferred)

• Cisco Certified Network Professional (CCNP) or higher (CCIE preferred) 
• Relevant security certifications (CISSP, CCNP Security, or equivalent) preferred 
• CATO Networks certification (or willingness to obtain)
• Meraki certification (CMNA/CMNO preferred)

Technical Skills & Qualifications Experience

• 8+ years of enterprise network engineering experience 
• 5+ years in a senior or lead networking role 
• 3+ years’ experience with SASE / SD-WAN platforms (CATO preferred) 
• Extensive experience with Cisco Meraki environments 
• Proven experience in hybrid cloud networking and data center connectivity

Core Technical Skills

• Expert-level knowledge of:
  • Routing protocols (BGP, OSPF, EIGRP)
  • TCP/IP, OSI model, DNS, DHCP
  • VLANs, segmentation, QoS, load balancing
• Strong experience with:
  • Cisco Meraki switching, wireless, and security appliances
  • CATO Cloud platform (SASE, secure access, SD-WAN)
  • VPN technologies, IPsec tunneling, and secure remote access
• Deep understanding of:
  • Zero Trust architecture and implementation
  • Network security frameworks and best practices
  • DDoS protection and vulnerability management
• Experience supporting:
  • Hybrid cloud environments
  • ERP systems (IBM iSeries / AS400 preferred)
  • Virtualized infrastructure (VMware or equivalent
• Additional Skills
  • Strong troubleshooting and analytical skills in complex distributed environments
  • Experience with scripting/automation (PowerShell, Python, or similar)
  • Ability to manage multiple priorities and lead cross-functional initiatives
  • Excellent communication skills with both technical and non-technical stakeholders

Preferred Qualifications

• Experience in manufacturing or distribution environments
• Knowledge of IBM iSeries networking and integration
• Familiarity with Microsoft Azure or other cloud platforms
• Experience with monitoring and SIEM tools (e.g., Rapid7, etc.)
• Background in system administration (Windows/Linux)

Benefits

• 401(k)
• Health, Dental, and Vision Insurance
• Life Insurance
• Flexible Spending Account
• Paid Time Off
• Employee Discount

Work Location

• Hybrid (on-site presence required across Southern California locations as needed)

T.M. Cobb / Haley Brothers, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recurring, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.