Job Summary
The Tier-3 NOC/TAC IP/MPLS & Security Support Engineer provides advanced technical support for large-scale service provider or enterprise networks. This role focuses on resolving complex incidents escalated from Tier-1 and Tier-2 teams, ensuring network stability, performing in-depth troubleshooting, and coordinating with vendors for critical issues. The engineer will support IP/MPLS backbone networks, data center connectivity, firewalls, and CGNAT platforms across Nokia, Cisco, Juniper, Fortinet, and Checkpoint devices.
Key Responsibilities
Incident & Escalation Management
-
Act as the highest operational escalation point for complex network and security incidents.
-
Perform real-time troubleshooting on IP/MPLS backbone, core routers, and security appliances.
-
Lead Major Incident (P1/P2) bridges and restore service in minimal time.
-
Work closely with Tier-1/2 NOC teams, providing guidance and technical support.
Troubleshooting & Analysis
-
Diagnose advanced issues involving:
-
MPLS, MPLS-TE, RSVP-TE
-
L3VPN, L2VPN (VPLS, VPWS, EVPN)
-
Routing protocols: BGP, OSPF, IS-IS
-
Analyze packet captures, logs, and control-plane behavior.
-
Troubleshoot performance, latency, flaps, routing loops, and service outages.
Firewall & CGNAT Support
-
Resolve escalations for:
-
Juniper SRX, Fortinet, Checkpoint firewalls
-
Nokia and Cisco CGNAT platforms
-
Troubleshoot NAT, filtering policies, VPN issues, and security rule conflicts.
-
Support customer-impacting security incidents.
Network Stability & Optimization
-
Perform proactive audits and health checks on backbone infrastructure.
-
Optimize routing policies, MPLS tunnels, and traffic engineering parameters.
-
Recommend long-term fixes and preventive measures.
Vendor Coordination
-
Collaborate with GTAC (Nokia), JTAC (Juniper), Cisco TAC, Fortinet, and Checkpoint support for unresolved issues.
-
Track vendor cases, implement interim workarounds, and validate permanent fixes.
Change Management
-
Review and validate change requests (CRs) and methods of procedure (MOPs).
-
Support scheduled maintenance on backbone routers, firewalls, or MPLS services.
-
Participate in planned upgrades, migrations, and feature enablements.
Documentation & Knowledge Sharing
-
Create technical documents, RCA reports, and troubleshooting guides.
-
Train and mentor Tier-1 and Tier-2 NOC engineers.
-
Maintain accurate system diagrams and configuration archives.
Required Skills & Experience
Networking & MPLS Expertise
-
Strong hands-on experience with:
-
MPLS, MPLS-TE, RSVP-TE
-
MPLS L3VPN / L2VPN / VPLS / EVPN
-
Solid understanding of BGP, OSPF, IS-IS, route policies, and traffic engineering.
-
Experience with QoS, multicast, redundancy protocols (VRRP/HSRP), and LAG/LACP.
Multi-Vendor Platform Knowledge
-
Nokia 7750 SR / SR-OS
-
Cisco NCS540, ASR9000 (IOS-XR)
-
Juniper MX, QFX, SRX
-
Fortinet FortiGate, Checkpoint firewalls
-
CGNAT platforms across Nokia, Juniper, and Cisco
Security Knowledge
-
Firewall rule management, NAT, IPS/IDS
-
VPN troubleshooting (IPSec, IKE, SSL)
-
CGNAT/LSN behavior, logging, and capacity issues
Operational Skill Set
-
Strong incident management capability
-
Familiarity with monitoring tools (NetFlow, SNMP, Telemetry)
-
Log analysis, packet capture tools (tcpdump, Wireshark)
-
Experience with ITIL-driven processes (Incident, Change, Problem)
-
Good documentation and communication skills
Education & Certifications (Preferred)
-
Bachelor’s in Engineering, Computer Science, or related field
-
Certifications preferred:
-
CCNP/CCIE
-
JNCIP/JNCIE
-
Nokia NRS-II or SRA
-
Fortinet NSE4/7
-
Checkpoint CCSA/CCSE
Soft Skills
-
Strong analytical and problem-solving abilities
-
Calm under pressure, especially during outages
-
Excellent coordination skills for major incidents
-
Ability to guide and mentor junior team members
-
Strong ownership and accountability
