Lead Network Engineer

Marmon Technologies India Private Limited

As a part of the global industrial organization Marmon Holdings—which is backed by Berkshire Hathaway—you’ll be doing things that matter, leading at every level, and winning a better way. We’re committed to making a positive impact on the world, providing you with diverse learning and working opportunities, and fostering a culture where everyone’s empowered to be their best.

The Lead Network Engineer will act as the network architecture and security authority responsible for designing, securing, and optimizing enterprise network infrastructure across on-prem, hybrid, and cloud environments.

This role requires deep expertise in routing, switching, and network security (firewalls), along with working knowledge of cloud networking (Azure/AWS) from a security and connectivity perspective. The individual will lead design decisions, standardization, and modernization initiatives, ensuring scalability, resilience, and alignment with Zero Trust principles.

Key Responsibilities

Network Architecture & Design

Design and own enterprise network architecture for LAN, WAN, WLAN, and data center environments.

Define network standards, reference architectures, and design patterns across business units.

Lead network modernization initiatives include segmentation, resiliency and performance optimization.

Review and approve network designs for new sites, applications, and integrations.

Network & Security Engineering

Design, build, configure, and maintain Palo Alto firewalls across the Water Group.

Define Zero Trust network principles, including least privilege access and micro‑segmentation.

Create and manage firewall policies, NAT, VPNs, segmentation, and security profiles.

Lead firewall lifecycle management, including upgrades, rule optimization, and security hardening.

Routing, Switching & Infrastructure

Design and implement advanced routing protocols (BGP, OSPF, EIGRP)

Architect and manage Cisco-based network infrastructure (switches, wireless, core networking)

Implement:

VLAN segmentation

High availability & redundancy

QoS and traffic optimization

Cloud & Identity Architecture

Define secure hybrid connectivity models (site‑to‑site VPN, ExpressRoute, Transit VNet, hub‑and‑spoke).

Ensure cloud network designs follow network isolation, routing control, and secure ingress/egress practices.

Collaborate with Cloud and Identity teams to support secure access and network‑based controls.

Design and maintain secure hybrid cloud architectures supporting manufacturing and corporate systems.

Manage and optimize Azure-hosted servers and cloud-based infrastructure.

Monitoring, Availability & Incident Response

Proactively monitor Azure environments, firewalls, switches, and access points to ensure performance, security, and availability.

Lead troubleshooting and incident response for network and cloud outages, with a focus on minimizing manufacturing downtime.

Perform root cause analysis and implement long-term corrective actions.

Participate in on-call or after-hours support for critical incidents as required.

Security & Standards

Work with Group Senior Director of Information technology to establish network and cloud security standards, configurations, and best practices.

Ensure compliance with corporate cybersecurity policies and industry best practices.

Partner with IT leadership and cybersecurity teams to strengthen overall security posture.

Provide guidance and mentorship to other IT staff on network and cloud technologies.

Documentation & Continuous Improvement

Maintain detailed network diagrams, firewall documentation, and configuration standards.

Evaluate new technologies and recommend improvements to performance, security, and reliability.

Lead infrastructure improvement projects across the Water Group.

Qualifications

Education & Experience

Bachelor’s degree in information technology, Computer Science, or equivalent experience.

8+ years of experience in enterprise network and cloud engineering.

Proven experience designing and supporting networks in manufacturing or uptime-critical environments.

Certifications (Required)

Palo Alto Networks Certification (PCNSA or PCNSE required)

Cisco Certification (CCNA required; CCNP strongly preferred)

Technical Skills

Expert-level experience with Palo Alto firewalls, including build, configuration, and troubleshooting.

Strong experience with Cisco switches and wireless access points.

Advanced knowledge of Microsoft Azure, including networking and security services.

Strong understanding of identity and access management using Azure Entra ID.

Act as L3 escalation point for complex network and security incidents.

Lead root cause analysis for major outages and security‑related network issues.

Provide architectural guidance to L2/L3 engineers and managed service partners.

Review change requests for high‑risk network modifications.

Experience with network segmentation, zero-trust concepts, and cybersecurity best practices.

Key Competencies

Strong architectural and problem-solving skills.

Security-first mindset with attention to detail.

Ability to work independently and lead technical initiatives.

Excellent communication and documentation skills.

Ability to operate effectively in a manufacturing-focused environment.

Following receipt of a conditional offer of employment, candidates will be required to complete additional job-related screening processes as permitted or required by applicable law.