We are seeking a highly skilled Network Engineer to join our infrastructure and security team. This role is critical in designing, deploying, and maintaining a global network built to defend against large-scale distributed denial of service (DDoS) attacks. You will be responsible for operating and expanding our anycast-based network, ensuring stability and resiliency at Layer 2 and Layer 3, and working extensively with Juniper routing platforms.

Key Responsibilities

• BGP & Anycast Operations

  • Design, implement, and maintain BGP peering and routing policies across a global anycast DDoS mitigation network.

  • Optimize routing to reduce latency, improve traffic distribution, and ensure fast attack absorption.

  • Monitor and troubleshoot routing anomalies, traffic engineering, and prefix management.

• Layer 2/3 Network Engineering

  • Configure, operate, and troubleshoot switching and routing environments across data centers and PoPs.

  • Implement and maintain redundancy, high availability, and failover mechanisms at L2/L3.

  • Ensure compliance with industry standards (e.g., MANRS, RPKI, IRR route validation).

• Juniper Network Operations

  • Administer, configure, and maintain Juniper MX, QFX, and SRX platforms.

  • Develop and maintain Junos automation templates for repeatable and consistent deployments.

  • Conduct software upgrades, hardware maintenance, and performance optimization.

• DDoS Mitigation & Security

  • Collaborate with security engineers to design and implement mitigation strategies against evolving attack vectors.

  • Deploy, tune, and maintain mitigation hardware/software in line with traffic patterns.

  • Conduct traffic analysis to identify malicious patterns and improve detection/response systems.

• Operational Excellence

  • Participate in on-call rotation for escalations and outages.

  • Document network architecture, standard operating procedures, and troubleshooting playbooks.

  • Support cross-functional teams (SRE, Security, Product) in scaling and improving the platform.

Required Skills & Experience

• Networking Expertise:

  • Strong knowledge of BGP, Anycast routing, and Internet interconnection (IXPs, transit, peering).

  • Solid understanding of Layer 2/3 protocols (MPLS, VLANs, QinQ, VRFs, etc.).

• Juniper Knowledge:

  • Hands-on experience with Junos OS and Juniper hardware (MX, QFX, SRX families).

  • Proficiency in configuring routing policies, filters, firewall rules, and automation (commit scripts, NETCONF).

• Security Awareness:

  • Understanding of DDoS attack methodologies and mitigation techniques.

  • Experience with flow telemetry (NetFlow, sFlow) and packet analysis tools.

• Other Requirements:

  • 5+ years in ISP, CDN, or security-focused networking roles.

  • Familiarity with automation frameworks (Python, Ansible, Salt, or equivalent).

  • Strong troubleshooting, problem-solving, and operational rigor.

Preferred Qualifications

• Experience working in high-capacity, low-latency global networks.

• Knowledge of traffic scrubbing architectures and mitigation platforms.

• Participation in network communities (NANOG, RIPE, etc.).

• Juniper certifications (JNCIP, JNCIE).

What We Offer

• Opportunity to build and defend some of the largest DDoS mitigation systems on the Internet.

• A high-impact role in a fast-moving and security-critical industry.

• Competitive compensation and benefits.

• A collaborative environment with highly skilled network and security professionals.