BrainRocket seeks a Senior Network Engineer to design, implement, and ensure the reliability of their corporate network infrastructure. Responsibilities include architecting HA topologies, managing routing/switching, and implementing Infrastructure-as-Code principles. Requires 5+ years of experience, advanced MikroTik, UniFi, and Fortinet expertise, and Python scripting skills.
Key Highlights
Key Responsibilities
Technical Skills Required
Benefits & Perks
Nice to Have
Job Description
BrainRocket is a global company creating end-to-end tech products for clients across Fintech, iGaming, and Marketing. Young, ambitious, and unstoppable, we've already taken Cyprus, Malta, Portugal, Poland, and Serbia by storm. Our BRO team consists of 3,000 bright minds creating innovative ideas and products. We don’t follow formats. We shape them. We build what works, launch it fast, and make sure it hits.
The Corporate IT department is seeking a Senior Network Engineer to design, implement, and own the reliability of our corporate network infrastructure.
You’ll work in a dynamic and fast‑moving environment where priorities can shift quickly — flexibility, ownership, and problem‑solving under changing conditions are key to success.
✅ Responsibilities:
✔️Network Design & High Availability: Architect and maintain corporate network infrastructure using MikroTik, UniFi, and Fortinet. Design and operate HA topologies with VRRP and Fortinet HA (active-passive and active-active clusters). Own the routing and switching stack: BGP, OSPF, VLANs, QoS, Multi-ISP load balancing and traffic-shaping policies.
✔️Infrastructure as Code & Configuration Management: Apply Infrastructure-as-Code principles across the entire network device estate — all configurations are defined in code (Ansible,Terraform ,etc), stored in version control, and reproducible on demand, with no manually managed devices.
✔️Enterprise Wireless: Design, deploy, and continuously optimise Wi-Fi across UniFi and Fortinet FortiAP environments. Perform deep RF analysis: channel planning, power tuning, roaming optimisation (802.11r/k/v), and interference mitigation. Implement and maintain WPA3-Enterprise authentication with RADIUS and EAP-TLS. Own certificate lifecycle for EAP-TLS in close collaboration with the Endpoint Engineer who manages device-side MDM provisioning. Troubleshoot complex wireless issues end-to-end — from RF captures and supplicant logs to RADIUS debug and switch-port traces.
✔️Wired Access Control & Network Segmentation: Implement and maintain 802.1X port-based authentication for wired endpoints across the corporate environment. Design and enforce granular VLAN segmentation aligned to user roles, device types, and trust levels. Manage RADIUS policies for wired authentication and integrate with identity providers (Okta IdP) for dynamic VLAN assignment and CoA.
✔️VPN & Remote Access: Operate and scale VPN infrastructure across WireGuard (site-to-site), OpenVPN (remote access), and GlobalProtect (Palo Alto). Integrate VPN gateways with RADIUS and identity providers for MFA-enforced authentication. Define and enforce firewall policy, split tunnelling, and RBAC-driven access segmentation.
✔️Monitoring, Observability & Incident Response: Build and own network observability: SNMP, NetFlow/sFlow, syslog pipelines, and dashboards in Grafana / VictoriaMetrics. Define alerting thresholds, on-call runbooks, and postmortem processes. Lead resolution of P1/P2 network incidents and drive permanent root-cause fixes.
✔️Automation & Scripting: Develop Python-based tooling for network management tasks: configuration rendering, compliance checks, bulk changes, and operational reporting. Write and maintain reusable scripts that integrate with network APIs and Git-based configuration workflows.
✔️Collaboration & Documentation: Cooperate with DevOps, Security, Identity, and Endpoint Engineering teams to align workflows and support cross-functional goals. Stay adaptable — priorities may shift rapidly as new critical initiatives arise. Create and maintain technical documentation; share best practices and mentor teammates on network automation and IaC culture.
✅ Requirements:
Looking to advance your IT & Network Engineering career with relocation support? Explore IT & Network Engineering Jobs with Relocation Packages that include comprehensive packages to help you move and settle in your new role.
✔️5+ years in network engineering or infrastructure roles.
✔️Advanced knowledge of MikroTik RouterOS: routing, firewall, scripting, and CHR.
✔️Expertise with Ubiquiti UniFi: controller management, RF tuning, and L3 adoption.
✔️Expertise with Fortinet FortiGate: HA configuration, policy management, and FortiAP.
✔️Proven experience with VRRP and multi-vendor HA failover design.
✔️Solid IaC background applied to network devices: Ansible, Terraform, or equivalent, with Git-based change management.
✔️Hands-on experience with 802.1X wired authentication and dynamic VLAN assignment via RADIUS.
✔️Deep wireless troubleshooting skills: RF captures, supplicant debugging, EAP-TLS tracing, and roaming analysis.
✔️Solid VPN experience covering WireGuard, OpenVPN, and GlobalProtect.
✔️Working knowledge of Python for network automation and management tooling.
✔️Familiarity with RADIUS integration with identity providers (Okta, Entra ID, or equivalent).
✔️Strong monitoring and observability skills: SNMP, NetFlow, syslog, and dashboarding.
✔️Excellent troubleshooting, communication, and cross-team collaboration skills.
✔️Comfortable working in a fast-paced, ever-changing environment with shifting priorities.
✅ Nice to Have:
Discover our full range of relocation jobs with comprehensive support packages to help you relocate and settle in your new location.
✔️Experience with Palo Alto firewalls beyond GlobalProtect (Panorama, security policies, NGFW features).
✔️Familiarity with SecureW2 or similar cloud RADIUS / PKI platforms.
✔️Kubernetes and cloud networking awareness (AWS VPC, Transit Gateway, security groups).
✔️Experience with compliance frameworks (SOC 2, ISO 27001, or equivalent) in a network context.
✔️Exposure to FinOps practices applied to corporate network infrastructure cost management.
✅ Why you should join us?
💻 Learning and development opportunities and interesting, challenging tasks.
✈️ Relocation package (tickets, staying in a hotel for up to 2 weeks, and visa relocation support for our employees and their family members).
📚 Opportunity to develop language skills, with partial compensation for the cost of English and Portuguese language classes (for localization purposes).
🎾 Partial compensation for tennis and padel lessons.
🏀 Urban Sport membership benefit (the most diverse sports and wellness offering in Europe, with more than 50+ activities).
🏥 Private medical coverage, including inpatient, outpatient, dental care, annual check-ups, and maternity support.
🏝 Time for proper rest, with 24 non-business days per year and an additional 6 paid sick days.
🚌 Transport compensation - 200 euros net per month.
📈 Competitive remuneration level with annual review.
🤝 Teambuilding activities.
Join Brainrocket and rock with us! 🚀
Similar Jobs
Explore other opportunities that match your interests
Fyld
Fyld