Senior Network and Security Engineer Remote

The Senior Network and Security Engineer will take ownership of our enterprise network and security infrastructure. This is a critical, high-visibility role responsible for the design, implementation, optimization, and security of network systems across our entire footprint—including 190+ retail stores, a distribution center, corporate headquarters, and multi-cloud environments (AWS, Azure, GCP).

As the primary network and security subject matter expert, the Sr Network and Security Engineer will work closely with the Head of Infrastructure and Operations and cross-functional IT teams to ensure our network delivers the reliability, performance, and security required to support our business transformation. This is currently an individual contributor role with significant potential to grow into a management position as the team expands.

Key Responsibilities

Network Infrastructure Design & Operations

• Design, implement, configure, and maintain enterprise network infrastructure including routers, switches, firewalls, load balancers, and wireless systems across all company locations
• Manage and optimize Cisco Meraki wireless access points, switches, and security appliances across 190+ retail store locations, ensuring consistent connectivity and performance for point-of-sale systems, inventory management, and customer WiFi
• Configure, maintain, and troubleshoot Cisco routing and switching infrastructure at corporate headquarters and distribution center, including VLANs, spanning tree, OSPF/BGP, QoS policies, and access control lists
• Administer and optimize F5 load balancers (LTM/GTM) to ensure high availability, traffic distribution, SSL offloading, and optimal application delivery for critical business systems
• Manage network connectivity and express routes to AWS, Azure, and Google Cloud Platform (GCP), ensuring secure, high-performance hybrid cloud architecture
• Design and implement SD-WAN solutions to optimize traffic routing, reduce costs, and improve application performance across distributed retail locations
• Plan and execute network capacity planning, ensuring infrastructure scales to meet business growth and seasonal demand fluctuations
• Develop and maintain comprehensive network documentation including topology diagrams, IP address management (IPAM), configuration standards, and runbooks

Security Operations & Compliance

• Own and manage enterprise firewall infrastructure, including rule creation, modification, auditing, and lifecycle management to ensure least-privilege access and defense-in-depth security
• Administer and monitor Splunk SIEM platform, developing and tuning correlation rules, dashboards, alerts, and reports to detect and respond to security threats
• Conduct regular vulnerability assessments and coordinate remediation efforts with infrastructure and application teams to reduce attack surface and maintain security posture
• Ensure ongoing PCI-DSS compliance across all network environments, including documentation, evidence collection, control implementation, and support for internal and external audits
• Implement and manage network segmentation strategies to isolate sensitive systems, cardholder data environments, and guest networks in accordance with compliance requirements
• Monitor and respond to security incidents, performing initial triage, containment, investigation, and root cause analysis in coordination with security leadership
• Manage VPN infrastructure for remote access and site-to-site connectivity, ensuring secure communications for remote employees and third-party vendors
• Stay current with emerging security threats, vulnerabilities, and industry best practices, proactively recommending and implementing security improvements

Voice & Unified Communications

• Administer and support Avaya VoIP infrastructure including call routing, dial plans, voicemail, SIP trunking, and integration with contact center systems
• Troubleshoot voice quality issues, including latency, jitter, and packet loss, implementing QoS policies to ensure clear, reliable communications
• Coordinate with telecom carriers and vendors for circuit provisioning, troubleshooting, and service upgrades

Operations, Support & Continuous Improvement

• Serve as the primary on-call escalation point for critical network and security incidents, providing 24x7 support as needed to maintain business continuity
• Perform proactive network monitoring, identifying and resolving performance issues before they impact end users or business operations
• Lead root cause analysis for network outages and security incidents, implementing corrective actions and preventive measures
• Collaborate with Help Desk, Systems Administration, Cloud Engineering, and Application Development teams to support cross-functional projects and troubleshoot complex issues
• Evaluate emerging network and security technologies, making recommendations for adoption to improve efficiency, security, and cost-effectiveness
• Develop and deliver technical training and knowledge transfer to junior team members and IT staff as the team grows
• Participate in change management processes, ensuring network changes are properly planned, tested, documented, and communicated

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, Network Engineering, or related field; or equivalent combination of education and experience
• Minimum 7 years of progressive experience in enterprise network engineering, administration, and security
• Extensive hands-on experience with Cisco routing and switching technologies, including configuration, troubleshooting, and optimization of enterprise-grade equipment
• Demonstrated experience managing Cisco Meraki cloud-managed networking solutions (MR, MS, MX) in a multi-site environment
• Proficiency with F5 BIG-IP load balancers, including LTM configuration, iRules, SSL certificate management, and health monitoring
• Experience designing and managing network connectivity to public cloud platforms (AWS, Azure, GCP), including VPCs, VPNs, Direct Connect/ExpressRoute, and hybrid architectures
• Strong understanding of network security principles including firewall management, IDS/IPS, network segmentation, and zero-trust concepts
• Working experience with SIEM platforms (Splunk preferred) for security monitoring, log analysis, and incident detection
• Hands-on experience with vulnerability scanning tools and remediation processes
• Demonstrated knowledge of PCI-DSS compliance requirements and experience implementing controls in a retail or payment card environment
• Experience supporting enterprise VoIP systems (Avaya preferred), including troubleshooting, QoS, and SIP/H.323 protocols
• Strong understanding of TCP/IP, DNS, DHCP, BGP, OSPF, MPLS, and other core networking protocols
• Excellent troubleshooting and problem-solving skills with the ability to diagnose complex, multi-vendor issues under pressure
• Strong written and verbal communication skills with the ability to document technical processes and communicate with both technical and non-technical stakeholders
• Ability to work independently with minimal supervision while managing multiple priorities in a fast-paced environment
• Availability to participate in on-call rotation and respond to critical incidents outside of normal business hours

Preferred Qualifications

• Experience working in the retail industry, particularly in multi-location retail environments with distributed network infrastructure
• Industry certifications such as CCNP (Enterprise, Security, or Data Center), CCIE, F5 Certified Administrator/Technology Specialist, CISSP, CISM, or CompTIA Security+
• Experience with network automation and Infrastructure as Code (IaC) using tools such as Ansible, Terraform, Python, or REST APIs
• Familiarity with SD-WAN technologies (Cisco Viptela, Meraki SD-WAN, or similar)
• Experience with network monitoring and observability tools such as SolarWinds, ThousandEyes, PRTG, Datadog, or similar platforms
• Knowledge of Zero Trust Network Architecture (ZTNA) principles and implementation
• Experience supporting point-of-sale (POS) systems and retail technology environments
• Previous experience in a startup or high-growth environment with rapidly evolving technology requirements

Desired Attributes

• Servant's Heart – You understand that technology exists to serve the business and, ultimately, our guests. You take pride in enabling others to do their best work.
• Endlessly Curious – You have a genuine passion for learning and staying ahead of the technology curve. You ask questions, explore new solutions, and continuously seek ways to improve.
• Customer-Obsessed – You recognize that every network decision impacts the guest experience, from in-store connectivity to e-commerce performance. You design with the end user in mind.
• Passionately Enthusiastic – You bring energy, positivity, and dedication to your work. You're excited about building something meaningful and aren't afraid to roll up your sleeves.
• Ownership Mentality – You take full accountability for the network and security infrastructure. When something breaks, you own it until it's fixed—and then you make sure it doesn't break again.
• Startup Agility – You thrive in a fast-paced environment where priorities shift and innovation is constant. You're comfortable with ambiguity and can balance long-term strategy with immediate needs.
• Collaborative Spirit – You work effectively across teams, building relationships with colleagues in IT, stores, and business units to achieve shared goals.
• Ability to work hybrid or remote

Now that we’ve popped the question, please say “I do”.

Full Time Opportunity – A comprehensive benefits package is available.

• Rewarding Environment and Competitive Pay
• Generous Dream Maker Discount After First Pay Period
• Referral Incentive Program
• Dayforce Wallet – Get Paid Early!
• Health/Dental/Vision Insurance
• 401K Program
• Paid Vacation, Wellness Days & Holidays, including your Birthday off! 
• Pet Benefits

Love wins when love is for Everyone!

Our mission at David’s Bridal is to embrace the ideas of Diversity, Equity, and Inclusion. It is our goal to build a workforce that is as representative as the customers we serve. We vow to create a culture where all forms of diversity are celebrated and seen as valuable. 

David’s Bridal encourages applications from all qualified candidates. David’s Bridal has a great record of accommodating persons with disabilities. Contact Human Resources at humanresources@dbi.com or 610.943.5048 if you need accommodation at any stage of the application process or want more information on our accommodation policies.

Policy: Candidate Use of AI in Live Interviews

We conduct interviews to evaluate each candidate’s own knowledge, judgment, and communication. During any live interview (virtual or in-person), candidates must not use real-time generative AI tools to compose or feed their answers. Candidates may use assistive technologies (e.g., screen readers, live captions) and may request reasonable accommodation in advance.

Disclaimer: The preceding job description has been designed to highlight the general nature and level of work performed by employees within this classification.  It is not designed to contain or be interpreted as a comprehensive description of all duties, responsibilities and qualifications required of employees assigned to this job.  Actual duties and responsibilities will vary. The standard base pay range for this role is posted at a minimum and maximum rate.

The starting rate of pay offered will vary based on factors including, but not limited to, position offered, location, training, and/or experience, and internal equity. This base pay range is specific to the state this role is posted in and may not be applicable to other locations. At David’s Bridal, it is rare for an individual to be hired at the high end of the range in their role, and compensation decisions are dependent upon the details and circumstances of each position and candidate.