Network Engineer

The incoming Network Engineer is responsible for designing, implementing, and maintaining enterprise‑ to carrier‑grade network infrastructures that serve the organisation’s internal teams, external partners, and high‑availability production workloads. This role combines advanced routing/switching expertise, multi‑ISP and WAN connectivity design, network automation, and performance engineering to deliver fast, stable, and resilient network services. The engineer supports large‑scale routing domains, firewalls, wireless deployments, VPN architectures, and cloud‑connected networks while ensuring hardened configurations, patching discipline, and compliance with network security and audit requirements. A successful candidate brings deep network engineering experience, strong analytical and troubleshooting capabilities, and the ability to maintain reliable connectivity across dynamic production environments.

Key Responsibilities

– Design and implement Service Level Indicators (SLIs), Service Level Objectives (SLOs), error budgets, and lead post‑mortem/incident review processes.

– Ensure the reliability, availability, and performance of critical internal and external platform systems.

– Understand, design, implement and maintain enterprise‑grade to carrier-grade network topologies for own-use and partners/end-customers:

*- core, distribution, and access layers

*- multi‑ISP WAN, SD‑WAN, VPN, cloud‑connected and telco requirements

– Provide operational engineering support to ensure performant and stable services across production environments

– Collect, analyse, and interpret system metrics and logs for capacity planning, performance tuning, QoS/traffic engineering and fault isolation.

– Develop automation workflows to manage infrastructure, services, and applications efficiently with version‑controlled network configurations, templates, and provisioning pipelines.

– Increase service reliability through proactive monitoring, alerting, and observability improvements.

– Support and enhance monitoring systems for network equipment and services on PRTG, Grafana, Graylog, NetFlow/SFlow/Telemetry.

– Lead diagnosis of complex issues, including routing loops/flaps, packet drops, latency, DDoS and service SLA breaches.

– Coordinate with hardware and software vendors, managing support contracts, renewals, and escalations.

– Evaluate and recommend emerging technologies that support platform innovation and operational excellence.

– Understand requirements and drive implementation/compliance/remediation for any system hardening, patching, compliance/vulnerability audits, penetration tests for their respective scopes.

Requirements

• 3+ years of experience in technology operations as a Network Engineer, preferably in a Telco Terrestrial or Mobile Core network and/or Cloud Hyperscaler.
• Proven experience operating and supporting mission‑critical production systems (e.g. SaaS, Telco, banks).
• Strong background in building automated monitoring, incident detection systems, runbooks, and supporting incident‑management processes.
• Hands‑on experience designing automation solutions using provisioning tools and scripting languages.
• Proficient in building and maintaining highly available, scalable network infrastructure, with expertise in:
• *Routing (BGP, OSPF, IS‑IS, MPLS, L3 EVPN, Static)
• *Forwarding (VLANs, STP, LACP, L2 EVPN/MPLS)
• *VPN (IPSec Site‑to‑Site and Dial-Up VPNs)
• *Cloud connectivity (AWS VPCs, TGWs, Route53)
• *Routers, switches, firewalls and wireless access points (Cisco, Juniper, Arista, Huawei, ZTE, FS, MikroTik, TPLink Omada, Ubiquity, Fortinet, Palo Alto, OpnSense)
• *Security (Firewall rulesets, NAT, segmentation, ZTNA)
• *Scripting (Bash and Python)
• *Infrastructure‑as‑Code tools such as SaltStack, Puppet, Terraform, or Ansible
• *Service and equipment monitoring (PRTG, Grafana, Promentheus, Graylog, NetFlow/SFlow/Telemetry)
• Strong understanding of network hardening concepts, including secure OS baselines and safe configuration practices.
• Ability to manage and track patching cycles, package updates, kernel updates, and dependency upgrades across production systems.
• Familiarity with vulnerability scanning tools and ability to review or remediate findings, suitable for an ISO27000-compliant implmenetation.
• Understanding of backup integrity, disaster‑recovery testing, and ensuring secure data handling in backups/snapshots.
• Ability to comply with change‑management and deployment controls, preventing unauthorised or risky changes.
• Able to work independently, prioritize effectively, solve complex system problems, and deliver on deadlines.
• Strong communication skills in English for interacting with users, vendors, and management globally.
• Capable of explaining complex system interactions clearly to both technical and non‑technical audiences.

Apply today: jobs@kacific.id