Network Engineer

Mortgage Solutions of Colorado, LLC d/b/a Mortgage Solutions Financial (“MSF”) offers a comprehensive benefit package and PTO (paid time off) for eligible employees. The benefit package includes Health, Dental and Vision Insurance, options to participate in a Health Savings Account, Flexible Spending Account, Health Reimbursement Arrangement, Life and AD&D coverage, voluntary Supplemental Life, voluntary Short-Term, Long-Term Disability, Supplemental insurance, Employee Technical Training, Fully Stocked Employee Kitchen, Company Sponsored Events, and a family-oriented organization. In addition, eligible employees have the option to participate in a company retirement plan.

About MSF

MSF is a national mortgage lender headquartered in Colorado Springs. MSF strongly believes every client should be served with integrity, dignity, and respect. Without compromise, MSF is committed to providing loans that are in the best interest of our clients, not our bottom line. We will continue to educate the community by empowering our clients to make responsible and informed fiscal decisions that result in greater financial peace of mind.

Role Overview

The Network Engineer advances the organization’s mission by providing a reliable and secure network and systems that supports branch offices and employee endpoint devices to meet the organization’s system needs. This position relies on extensive experience and judgment to plan, develop, and implement a system platform framework applicable to the existing environment with plans to migrate to Azure based services to accomplish the organization’s goals and objectives. A wide degree of creativity, latitude and independence is expected. In addition, the Network Engineer serves as a subject matter expert for architectural frameworks, methods, and tools. He/she also advises and assists varied business and technical staff with appropriate strategy and network design disciplines.

Essential Duties

In addition to related job duties as assigned, this position will:

  • Provides hands-on network administration support, system maintenance and operations support.
  • Manage performance tuning and capacity planning to enhance the performance of Local and branch office resources using Azure/O365 based cloud services.
  • Responsible for engineering, deploying, and maintaining the integrity of the environment, which includes patching, asset identification, tracking, and documenting, network topology and system data flow diagram creation, lifecycle management, migrations, updating all aspects of all systems, hypervisor support, peripheral equipment management, security updating, documenting, planning, system hardening, and cyber assessments.
  • Perform as technical engineer, taking point on network, and system troubleshooting calls while providing rapid recovery of network outages throughout the enterprise.
  • Design, implement and maintain network security architecture and technology including VPN, content filtering, intrusion detection and firewalls.
  • Set and align the coordinated network/infrastructure strategies and required service levels for current/future business operations in accordance with the overall organizational business strategies.
  • Design, implement and sustain the system backup and disaster recovery policies/procedures in accordance with organizational business continuity objectives.
  • Thorough understanding of the latest security principles, techniques, and protocols.
  • Maintains vendor relationships for 3rd party vendors used by I.T., plan, organize, and inspect projects to conclusion (MSPs, ISPs, Datacenter hosts, VOIP providers, etc.)
  • DNS/Domain record management
  • Perform audits internally and for external auditing sources to ensure proper notifications, configuration, and network optimizations; provide security related remediation actions as issues arise.
  • Develop technical solutions and new security tools to help mitigate security vulnerabilities, automate repeatable tasks, and monitor their effectiveness.
  • Automate tasks, script automated checks on systems, teach, train, and mentor technology staff on new and current systems and network integrations.
  • Create methods and communicate policies to staff, develop and implement proven disaster recovery methods, and create remediation documentation and continuity repositories for redundancy and training.
  • Test security measures (e.g., access authentication and disaster recovery).
  • Design and implement functional network infrastructure including, but not limited to, routers, switches, wireless access points, phone equipment, access control, security devices, and other peripheral network hardware.

Qualifications, Experience & Knowledge

  • Associate’s degree and 7 years of experience, or Bachelor’s degree and 5 years of experience, or Master’s degree and 3 years of experience; a High School diploma or equivalent and 9 years of experience may be considered in lieu of a completed degree
  • Experienced with cloud-based computing.
  • Ability to perform upgrades on network hardware in a highly redundant 24/7 operating environment.
  • Work with other IT and technical groups to troubleshoot and resolve network and application availability and performance problems during business hours and on a 24/7 on-call basis.
  • Makes recommendations to purchase hardware and software, coordinates installation and provides backup recovery.
  • Read, modify, and create shell scripting.
  • Excellent problem-solving skills, ability to work independently, and have a strong sense of ownership and responsibility for the technology infrastructure.
  • Desire to continue to learn and grow.
  • Intellectually curious, being proactive, not waiting for problems to occur.
  • Demonstrated self-starter, takes initiative, can work independently with reduced supervision.
  • Establishing secure connections for “jump boxes” to implementing TLS 1.3 upgrades.
  • Experienced working with Cloudflare, network performance enhancements, and deploying zero trust architecture connectivity.
  • Experience with Barracuda Network Enterprise networking
  • Demonstrated experience quickly learning new concepts and tools.
  • Review system configurations and configurations for networking devices
  • Maintain, sustain, and upgrade networking and communications infrastructure. This includes establishing and sustaining the communications and computer architecture and the configuration requirements.
  • Setting up authentication systems, developing a passwordless employee experience, familiarity with hardware keys (YubiKey).
  • Experience working with Microsoft Azure cloud technologies or similar cloud technologies.
  • Providing after-hours support as necessary.

Desired Qualifications

  • Networking certifications
  • Ubiquiti Networks WAP’s experience
  • Network security experience (vulnerability management and penetration testing skills)
  • Familiar with OWASP Top 10
  • Familiar with OWASP API Security
  • Familiar with CIS Benchmarks for cyber hardening

Physical Requirements

  • Stationary position; prolonged periods at a desk and working on the computer.
  • Occasional movement about inside the office to walk to offices and Co-location data center.
  • Occasional lifting up to 25 pounds, must be able to push, pull, pull up, bend at the knees and waist, twist body at the waist, raise and hold arms overhead, turn head-neck-shoulders as needed, grasp and hold tools and other items with hands, for either extended periods of time or many times throughout the workday.

Work Requirements

  • Must be US Citizen
  • Pass drug screening & criminal background check
  • Within reasonable driving distance for Colorado Springs area
  • No VISA Sponsorship currently
  • Local candidates

Position Type: Non-exempt
Location: Corporate Office: 7450 Campus Dr., Ste. 200 Colorado Springs, CO 80920
Compensation & Benefits: $105,000-$115,000 Annually
This role requires candidates to be on-site daily with no option for remote/hybrid work.

This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.