Colorado Public Employees' Retirement Association

Apply for this job

Infrastructure Senior Engineer - Network (Information Technology)



JOB SUMMARY

Looking for a career where you can give back to those who have supported you? Have a favorite teacher or snowplow driver who helped you through a storm or maybe a State Trooper that let you off with a warning? If so, there is a good chance they are a PERA member. Colorado PERA provides retirement benefits for Colorado State Employees, like many teachers, snowplow drivers and State Troopers. Come join the team and give back to those who have helped you.

Colorado PERA's Information Technology team is expanding, and we're looking for talented individuals to join us! We have an immediate opening for a Full Stack Senior Networking Engineer who can design networks on-prem, in the cloud, on the edge and everywhere in between. You will be the go-to person for all network related hardware and software along with protecting our network from unauthorized access, threats and vulnerabilities.

ESSENTIAL FUNCTIONS

  • Protect our network perimeter by filtering incoming and outgoing traffic, ensuring only authorized access is granted, while monitoring for potential security threats and implementing necessary security policies

  • Design, implement, manage, integrate, and maintain the organizations network including on-prem and in the cloud

  • Experience with network security including Intrusion Detection, Protection, and tunneling

  • Management of Certificate Authority and certificate issuance

QUALIFICATIONS

  • Degree in technical (STEM) field and four years' experience in technical role preferred, or equivalent combination of education and experience

  • Expertise in firewall technologies and network security

  • Strong understanding of network protocols including TCP/IP, UDP, MPLS, BGP, OSPF, and TLS

  • Experience with design and implementation of security through IP subnets and routing

  • Networking certifications including CCNP (Data Center/Enterprise) and CCDE preferred

JOB SUMMARY

This position is a Subject Matter Expert (SME) for firewalls and networking responsible for designing, integrating, implementing, maintaining, testing, monitoring, and assessing system technology across the organization. Leads efforts in network security and traffic flow management, primarily responsible for planning, implementing, and integrating disparate network software and hardware solutions. Mentors, coaches, and guides other Engineers and Administrators to address complex networking solutions that require proactive strategies and in-depth evaluation. Leads technical projects and delivers short- and long-term technological networking solutions.

ESSENTIAL FUNCTIONS

  • Subject Matter Expert in perimeter network domain including WAN-LAN integrations, security, redundancy, design, implementation, support, and vendor interaction are required

  • Ability to support other staff working Level 3 calls, immediately recognizing solutions without relying on vendor support, occasionally research, resolve, and document unknown root cause solutions

  • Oversee and manage firewall systems, design multiple tool integrations to support vulnerability reduction while supporting Administrators and Engineers working on specific vulnerability and security risks

  • Research and develop mitigations for security related network vulnerabilities, act as SME for specific security tools within PERA's networking domain, and evaluate and review configurations and actions ensuring all changes improve the infrastructure security posture at PERA

  • Design, implement, and mentor other staff in firewall management and participate in disaster recovery testing with a focus on communications in a DR test/event, ensuring documentation is written, diagrammed, up to date, tested, and improved for system recovery and operation

  • Expert comprehension of multiple PERA systems, projects, project specifications, and DevSecOps initiatives that require a firewall/network SME contributor

  • Identify and evaluate opportunity to improve confidentiality, integrity, and availability in multiple areas of SME expertise, design and lead various network and encryption solution implementations, identify and evaluate new tools and integrations to help Infrastructure staff accomplish the mission of CIA

  • Design, plan, and implement significant projects, network enhancements, and network integrations including assisting in planning and responsibility assignments to accomplish those initiatives, ensuring documentation of details and review for completeness of ITSM processes

  • Utilizing multiple network SME skills to design, review, and approve vendor SOW projects, participate in vendor discussions to resolve significant issues, regularly act as a senior resource for staff on existing security appliance operation in the domain, rarely utilize or rely on vendor services and support, evaluate licensing and initiate and review quotes for significant new services or tools

  • Applies different and creative techniques to analyze, test, and implement ad-hoc solutions in a prudent and swift manner, foreseeing and avoiding potential impacts on end user computing environments and colleagues by focusing on network availability and stability, and leads peers to an understanding of complex networking topics

  • Adept at making decisions and optimizing future work utilizing planning, testing, and proof of concepts

  • Provides written communication that is concise, clear, and updated, on both small and large initiatives and reviews ITSM processes to ensure continued process improvement

  • Collaborates effectively with teammates and vendors with empathy, adeptly uses feedback and audience specific language to explain and resolve issues, and manages vendor relationships

  • Provides technical and task leadership, coaching, training, and direction to develop team depth, proactively on moderate to large size projects with minimal supervision required from senior staff and management

  • Perform other duties as assigned

QUALIFICATIONS

  • Degree in technical (STEM) field and four years' experience in technical role preferred, or equivalent combination of education and experience

  • Experience as an SME with in multiple key technologies/platforms within the network technology domain with a solid understanding of system security implications

  • Periodically attends technical training relating to current and future network technology support duties

  • Demonstrated design and integration of external network redundancy and high availability technologies, advanced network edge security and firewall integration initiatives, and optimization of workflow regarding security and network event warnings and errors, resource management, and network availability in both external and internal environments

  • Demonstrated design and implementation of applicable network devices, firewalls, wireless access points, WAN services, and security design and integration with other systems preferred  

  • Design and implementation of secure network integration, including WAN, LAN, SD-WAN, tunneling, and Wi-Fi, with integration of Public Key Infrastructure (PKI), certificate authority management, and TLS security protocols. Protocol familiarity with, but not limited to TCP, IP, UDP, HTTP, DHCP, DNS, and various Wi-Fi protocols with skills integrating and improving security systems such as firewalls, gateways, tunnels, certificate management, and cloud/on-prem API security integration and management preferred

  • Experience designing and managing security event workflows and tools, including design and implementation of internal and external security layer tools from the end point, through network isolation and monitoring, to ingress/egress of data and communications preferred

WORKING CONDITIONS

  • Standard office environment with frequent computer use

  • Required occasional on-call assistance outside of normal business hours

  • All employees are expected to present themselves in a professional manner in alignment with the financial services industry

HYBRID WORK OPTION

  • Opportunity to work from home up to three days per week. Eligibility dependent upon factors detailed in PERA's Work from Home Policy.

JOB DESCRIPTION DISCLAIMER

This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of an employee. Duties, responsibilities, and activities may change or new ones may be assigned with or without notice.

Unfortunately, at this time, we cannot consider candidates that require sponsorship (now or in the future), or are located outside of the US.

All Colorado PERA employees are subject to PERA's Ethics Policy and some employees are subject to the Personal Trading Policy. These policies include restrictions on outside business activities and employment and have certain requirements on personal trading.  You may request copies of these policies from PERA's talent acquisition team and any questions can be answered by PERA's Investment Administration team.

INTERESTED CANDIDATES
Complete the employment application online at https://www.copera.org/careers. Please have copies of your resume and cover letter available to upload

ABOUT COLORADO PERA

Looking for a career where you can make a difference? Colorado PERA offers benefit services to public employees across Colorado, including teachers, state troopers, snowplow drivers, correctional officers and many others who provide valuable services. As Colorado's largest pension plan, we serve and educate over 600,000 members who are former and current public employees. 

At PERA you will earn more than a paycheck. PERA is a culture where you can grow your potential and work in an inclusive environment, where diverse perspectives are valued. We hire exceptional employees and recognize that our people are our best asset. Not only do we make sound investments for our members, PERA invests in our employees' growth through training and leadership opportunities.

To promote wellbeing, we offer hybrid or flexible working options for most roles and a total rewards and benefit program including health, dental and vision coverage - eligibility starts the first day of the month following the date of hire for most plans; generous paid time off and volunteer hours; pension and retirement plans, including PERA's defined benefit plan, 457 defined contribution plan, and 401(k) employer match, as applicable; tuition assistance; free, convenient on-site parking or RTD subsidy; free on-site fitness center to stay active; employee assistance program; training, leadership and mentoring programs and more. PERA is a Public Service Loan Forgiveness qualifying employer.

To learn more about life at PERA, watch this video or visit www.copera.org/careers.

Position Title: Infrastructure Senior Engineer - Network
Division: Information Technology
Reports to: Information Technology Infrastructure Manager
Job Status: Full Time/Exempt
Salary: $114,500– $143,000 Annually, Commensurate with experience
Posting Dates: 02/21/2025 - 03/09/2025

Apply Salary Minimum: 114500Salary Maximum: 143000
Apply Here done