This job offer is no longer available
Staff Network Engineer (Menlo Park, CA)
Grailbio
- Edison, Georgia, United States
- Edison, Georgia, United States
About
We are a healthcare company, pioneering new technologies to advance early cancer detection. We have built a multi-disciplinary organization of scientists, engineers, and physicians and we are using the power of next-generation sequencing (NGS), population-scale clinical studies, and state-of-the-art computer science and data science to overcome one of medicine’s greatest challenges.
GRAIL is headquartered in the bay area of California, with locations in Washington, D.C., North Carolina, and the United Kingdom. It is supported by leading global investors and pharmaceutical, technology, and healthcare companies.
For more information, please visit grail.com
As a Staff Network Engineer at GRAIL, you will be a hands‑on technical leader responsible for building, operating, and evolving our cloud and hybrid network infrastructure. You’ll spend a significant portion of your time designing, implementing, and troubleshooting secure, scalable, and highly available network solutions in AWS (centered on Amazon VPC), while also owning critical on‑prem and data center networking (Juniper/Aruba) and Palo Alto firewalls.
You will both execute (design, configure, implement, monitor, and debug) and provide architectural leadership, standards, and mentorship across teams. A key part of the role includes robust monitoring, logging, dashboarding, and capacity planning to ensure reliable, predictable network performance.
This is a hybrid role based in Menlo Park, CA (moving to Sunnyvale, CA in Fall 2026) . Our current flexible work arrangement policy requires that a minimum of 80%, or 32 hours, of your total work week be on‑site for this role. Your specific schedule, determined in collaboration with your manager, will align with team and business needs and could exceed the 60% requirement for the site.
Responsibilities
Staff Network Engineering - AWS and Hybrid Cloud
AWS VPC Engineering
Design, build, and maintain Amazon VPCs including CIDR planning, subnet design (public/private), route tables, Internet Gateways (IGW), NAT gateways, and VPC endpoints (Interface/Gateway).
Configure and manage security controls such as Security Groups, NACLs, AWS Network Firewall, and AWS WAF for defense‑in‑depth across environments.
Hybrid Connectivity
Implement and support hybrid connectivity using AWS Direct Connect, Site‑to‑Site VPNs, and AWS Transit Gateway for scalable VPC‑to‑VPC and on‑prem connectivity.
Traffic Management & DNS
Configure Amazon Route 53 for internal and external DNS, routing policies, health checks, and failover.
Deploy and manage Elastic Load Balancing (ALB/NLB/GLB) to provide high availability, SSL termination, path‑based routing, and/or TCP/UDP load balancing.
On‑Prem & Data Center Networking
Operate and troubleshoot on‑prem and data center networks using Juniper and Aruba platforms (switching, routing, VLANs, VRFs, BGP/OSPF).
Configure, manage, and tune Palo Alto Networks firewalls, including security policies, NAT, VPN, and content inspection.
Monitoring, Logging & Dashboards
Design and implement end‑to‑end monitoring, alerting, and dashboards for network health, performance, and security, leveraging tools such as VPC Flow Logs, CloudWatch metrics/logs, Route 53 health checks, and firewall logs.
Build dashboards for link utilization, latency, packet loss, error rates, load balancer health, DNS performance.
Establish actionable alerting thresholds and runbooks to support rapid incident triage and resolution.
Capacity Planning & Performance
Perform ongoing capacity planning for AWS networking (VPCs, TGW, DX, VPN, load balancers) and on‑prem links.
Analyze traffic patterns and utilization data to right‑size connectivity, optimize routing, and plan upgrades.
Run performance tests, baselines, and tune configurations.
Incident Response & Troubleshooting
Lead network‑related incident response, including real‑time troubleshooting across layers (DNS, TCP/IP, TLS, HTTP, internal app protocols).
Drive root‑cause analysis and implement corrective actions.
Architecture & Design (Significant Component)
Own end‑to‑end network architecture for multi‑account, multi‑region AWS environments.
Develop and maintain network reference architectures and patterns for isolated and regulated environments, service‑to‑service connectivity, ingress/egress patterns, and zero‑trust designs.
Evaluate and introduce advanced AWS networking capabilities such as App Mesh, VPC Lattice, Global Accelerator.
Ensure designs include observability and capacity planning requirements.
Automation, Tooling & Governance
Build and maintain infrastructure‑as‑code for network components (Terraform/CloudFormation).
Integrate provisioning into CI/CD pipelines.
Automate monitoring, logging, and dashboard configurations.
Define network standards, guardrails, and best practices.
Partner with Security and Compliance to meet regulatory requirements.
Collaboration & Leadership
Act as primary subject matter expert, provide guidance to platform, SRE, security, and application teams.
Mentor other engineers on networking fundamentals, AWS networking, performance troubleshooting, and monitoring.
Lead and review technical designs, RFCs, and architectural decisions.
Communicate complex concepts, trade‑offs, and capacity risks to stakeholders.
These responsibilities summarize the role’s primary responsibilities and are not an exhaustive list. They may change at the company’s discretion.
Qualifications
10+ years of experience in network engineering, with at least several years in a senior/staff or architecture‑oriented role.
Deep, hands‑on experience with AWS networking: Amazon VPC, Security Groups, NACLs, Transit Gateway, Direct Connect, Route 53, ELB.
Strong enterprise/data center networking experience with Juniper and/or Aruba platforms, routing/switching protocols, and Palo Alto firewalls.
Demonstrated experience setting up monitoring, logging, and dashboards for network infrastructure and using this data for incident response and capacity planning.
Proven track record building and operating secure, highly available, scalable network infrastructures in production.
Solid understanding of network security principles, segmentation, and zero‑trust concepts.
Strong troubleshooting skills across layers (DNS, TCP/IP, TLS, HTTP, internal app protocols).
Infrastructure as Code: Hands‑on experience using Terraform or CloudFormation and comfortable owning architecture and automation.
Excellent communication skills and experience working in cross‑functional, fast‑moving environments.
Experience in healthcare, life sciences, or other highly regulated or security‑sensitive environments.
Experience with AWS Network Firewall, AWS WAF, AWS App Mesh, Amazon VPC Lattice, AWS Global Accelerator, and edge networking patterns.
Proficiency with infrastructure‑as‑code and automation/scripting (Python, Bash, PowerShell).
Experience designing SLOs, KPIs, and alerting strategies for network reliability and performance.
Familiarity with SD‑WAN, SASE, and/or Zero Trust Network Access (ZTNA) solutions.
Relevant certifications such as AWS Certified Advanced Networking – Specialty, CCNP/CCIE, or Palo Alto Networks certifications.
Expected full time annual base pay scale for the Menlo Park / Sunnyvale, CA area is $135K-$179K. Actual base pay will consider skills, experience and location.
This role may be eligible for other forms of compensation, including an annual bonus and/or incentives, subject to the terms of the applicable plans and Company discretion. This range reflects a good‑faith estimate of the range that the Company reasonably expects to pay for the position upon hire; the actual compensation offered may vary depending on factors such as the candidate’s qualifications. Employees in this role are also eligible for GRAIL’s comprehensive and competitive benefits package, offered in accordance with our applicable plans and policies. This package currently includes flexible time‑off or vacation; a 401(k) retirement plan with employer match; medical, dental, and vision coverage; and carefully selected mindfulness programs.
Equal Employment Opportunity GRAIL is an equal employment opportunity employer, and we are committed to building a workplace where every individual can thrive, contribute, and grow. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, gender, gender identity, sexual orientation, age, disability, status as a protected veteran, or any other class or characteristic protected by applicable federal, state, and local laws. Additionally, GRAIL will consider for employment qualified applicants with arrest and conviction records in a manner consistent with applicable law and provide reasonable accommodations to qualified individuals with disabilities. Please contact us at rc@grailbio.com if you require an accommodation to apply for an open position.
#J-18808-Ljbffr
Languages
- English
Notice for Users
This job was posted by one of our partners. You can view the original job source here.