Contact Us

Senior Cloud Network Engineer

CloudLinux • Montenegro
Remote
Apply
AI Summary

CloudLinux is hiring a Senior Cloud Network Engineer to own and evolve the network layer of their hybrid infrastructure. This is a technical ownership role with real architecture ownership, requiring strong BGP and routing fundamentals, IPsec, VPN, and site-to-site connectivity experience, and deep Linux networking knowledge.

Key Highlights
Design and operate reliable cross-DC and hybrid connectivity
Own network changes end to end: design, risk assessment, peer review, rollout, monitoring, validation, rollback, and post-change notes
Debug and resolve production incidents involving Linux networking, BIRD/FRR, strongSwan, Juniper JunOS, firewalls, Cloudflare, DNS, MTU/MSS, asymmetric routing, NAT/conntrack, packet loss, Kubernetes CNI behavior, and provider constraints
Key Responsibilities
Design and operate reliable cross-DC and hybrid connectivity across IPsec, BGP, routing policy, firewalling, DNS, Cloudflare, provider networking, and cloud connectivity
Build highly available network paths across data centers, public cloud providers, OpenNebula, Kubernetes/Talos, and bare-metal infrastructure
Own network changes end to end: design, risk assessment, peer review, rollout, monitoring, validation, rollback, and post-change notes
Replace fragile manual patterns with documented, observable, repeatable services using Git review, automation, scripts, source-of-truth data, and monitoring
Debug and resolve production incidents involving Linux networking, BIRD/FRR, strongSwan, Juniper JunOS, firewalls, Cloudflare, DNS, MTU/MSS, asymmetric routing, NAT/conntrack, packet loss, Kubernetes CNI behavior, and provider constraints
Maintain architecture documents, topology diagrams, HLD/LLD specs, runbooks, disaster recovery procedures, configuration snapshots, IPAM/source-of-truth data, and operational handoff material
Technical Skills Required
BGP Routing fundamentals IPsec VPN Site-to-site connectivity Linux networking TCPdump Nftables/Iptables Conntrack System networking DNS behavior NIC/offload basics MTU/MSS troubleshooting Datacenter networking fundamentals VLANs LACP Switching Firewalls Optics/cabling awareness Maintenance windows Backup/recovery practices Cloud and provider networking experience VPC/VNet-style networks CIDR planning Route tables Security groups/NACLs/firewalls NAT/egress VPN Load balancers DNS Provider limitations Kubernetes networking fundamentals CNI Services Ingress NetworkPolicy Node/pod/service paths Egress control DNS Load balancing Packet-level troubleshooting Network observability and performance mindset Telemetry Flow logs Synthetic checks Bandwidth and latency analysis Packet loss Jitter Saturation Provider or appliance limits Network security operations Segmentation Firewall rule lifecycle Least privilege AAA concepts Secrets handling Safe maintenance-window discipline Infrastructure automation using scripting APIs Ansible Terraform/OpenTofu Git-based reviews Repeatable rollouts Configuration validation
Benefits & Perks
Paid 24 days of vacation per year
10 days of national holidays
Unlimited sick leaves
Compensation for private medical insurance
Co-working and gym/sports reimbursement
Budget for education
The opportunity to receive a reward for the most innovative idea that the company can patent
Nice to Have
Juniper JunOS, QFX/EX/SRX platforms, EVPN/VXLAN, MLAG/MC-LAG, ECMP, or leaf-spine network topologies
BIRD/FRR, anycast routing, RPKI/ROA/ROV validation, IRR, bogon filtering, route-leak mitigation, or public BGP routing operations
Network automation and documentation platforms such as NetBox/Nautobot, Oxidized, GitLab CI/CD, Batfish, containerlab, pyATS, NAPALM, or SuzieQ
Hetzner, Cloudflare Zero Trust/DNS/LB/WAF, AWS Transit Gateway, Direct Connect concepts, PrivateLink/VPC endpoints, or Route 53
Cilium, Calico, MetalLB, Gateway API, service mesh concepts, OpenNebula networking, Ceph/storage networking, IPv6/dual-stack, DDoS-aware design, SLOs, postmortems, or safe firewall governance

Job Description


CloudLinux and TuxCare build Linux, security, and enterprise infrastructure products used by hosting providers, software vendors, and engineering teams around the world. The Infrastructure team runs the platforms behind that work: data centers, public cloud providers, OpenNebula, Kubernetes/Talos, Ceph, CI/CD, observability, identity and access systems, and internal services.

We are hiring a hands-on Senior Cloud Network Engineer to own and evolve the network layer of our hybrid infrastructure. This is an engineering role with real architecture ownership: you will design, implement, monitor, document, automate, secure, and troubleshoot production networking across data centers, cloud regions, Kubernetes/Talos clusters, OpenNebula environments, and bare metal.

This is a technical ownership role. It is not a diagrams-only architecture position, and it is not a people-management role. You will define technical solutions, ship production changes, verify behavior, support incidents, and leave behind the runbooks, diagrams, and automation that make the next change safer.

How We Work:

We are a remote-first Infrastructure team organized into small senior cells. You will work with one existing network engineer, core infrastructure engineers, and adjacent Infrastructure teams. Networking is a high-impact shared dependency, so we value calm incident work and automation that reduces repeat pressure. The value of this role is turning complex demand into reliable systems, clear ownership, safer changes, and observable operations.

This role is a strong fit if you enjoy moving between architecture, packet captures, production configuration, monitoring, runbooks, rollback plans, and failure drills. You should want real ownership of cross-DC, on-prem, private cloud, and public/provider infrastructure.

It is probably not the right fit if you are looking for a pure architecture role, a large dedicated network team, only planned project work, no incident participation, or manual CLI-only changes without documentation, review, automation, and validation.

What You Will Own:

  • Design and operate reliable cross-DC and hybrid connectivity across IPsec, BGP, routing policy, firewalling, DNS, Cloudflare, provider networking, and cloud connectivity
  • Build highly available network paths across data centers, public cloud providers, OpenNebula, Kubernetes/Talos, and bare-metal infrastructure
  • Own network changes end to end: design, risk assessment, peer review, rollout, monitoring, validation, rollback, and post-change notes
  • Replace fragile manual patterns with documented, observable, repeatable services using Git review, automation, scripts, source-of-truth data, and monitoring
  • Debug and resolve production incidents involving Linux networking, BIRD/FRR, strongSwan, Juniper JunOS, firewalls, Cloudflare, DNS, MTU/MSS, asymmetric routing, NAT/conntrack, packet loss, Kubernetes CNI behavior, and provider constraints
  • Maintain architecture documents, topology diagrams, HLD/LLD specs, runbooks, disaster recovery procedures, configuration snapshots, IPAM/source-of-truth data, and operational handoff material
  • Work closely with IaaS, SRE/Observability, Security, Automation/Data, Platform, Service Delivery, and product teams


What Success Looks Like:

  • Critical cross-DC and provider network paths are easier to understand, monitor, change, and recover
  • Manual or one-off network changes are reduced through documented workflows, automation, review, and validation
  • Network observability improves: alert quality, synthetic checks, flow or telemetry data, and practical SLO thinking become part of normal operations

    • Interested in remote work opportunities in Devops? Discover Devops Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

  • IPAM, routing intent, firewall rule lifecycle, and ownership data are clearer in the source of truth
  • Incidents and maintenance windows have calm execution, clear communication, and useful follow-up notes


Requirements


What You Bring:

  • Senior production networking experience in environments where availability matters
  • Strong BGP and routing fundamentals: prefix filtering, communities, route policy, failover, BFD or similar mechanisms, asymmetric routing, traffic steering, and debugging
  • Strong IPsec, VPN, and site-to-site connectivity experience, ideally with strongSwan or similar tooling
  • Deep Linux networking knowledge: iproute2, tcpdump, nftables/iptables, conntrack, system networking, DNS behavior, NIC/offload basics, and MTU/MSS troubleshooting
  • Datacenter networking fundamentals: VLANs, LACP, switching, firewalls, optics/cabling awareness, maintenance windows, and backup/recovery practices
  • Cloud and provider networking experience: VPC/VNet-style networks, CIDR planning, route tables, security groups/NACLs/firewalls, NAT/egress, VPN, load balancers, DNS, and provider limitations
  • Kubernetes networking fundamentals: CNI, Services, Ingress, NetworkPolicy, node/pod/service paths, egress control, DNS, load balancing, and packet-level troubleshooting
  • Network observability and performance mindset: telemetry, flow logs, synthetic checks, bandwidth and latency analysis, packet loss, jitter, saturation, and provider or appliance limits
  • Network security operations: segmentation, firewall rule lifecycle, least privilege, AAA concepts, secrets handling, and safe maintenance-window discipline
  • Comfort with infrastructure automation using scripting, APIs, Ansible, Terraform/OpenTofu, Git-based reviews, repeatable rollouts, and configuration validation
  • Clear written communication in remote and asynchronous teams: change plans, incident updates, runbooks, risk statements, rollback plans, and owner/date commitments
  • Sound judgment under uncertainty: you can make bounded decisions, but you verify production impact and blast radius before acting


Nice to Have:

Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.

These capabilities are beneficial but not mandatory for every candidate.

  • Juniper JunOS, QFX/EX/SRX platforms, EVPN/VXLAN, MLAG/MC-LAG, ECMP, or leaf-spine network topologies
  • BIRD/FRR, anycast routing, RPKI/ROA/ROV validation, IRR, bogon filtering, route-leak mitigation, or public BGP routing operations
  • Network automation and documentation platforms such as NetBox/Nautobot, Oxidized, GitLab CI/CD, Batfish, containerlab, pyATS, NAPALM, or SuzieQ
  • Hetzner, Cloudflare Zero Trust/DNS/LB/WAF, AWS Transit Gateway, Direct Connect concepts, PrivateLink/VPC endpoints, or Route 53
  • Cilium, Calico, MetalLB, Gateway API, service mesh concepts, OpenNebula networking, Ceph/storage networking, IPv6/dual-stack, DDoS-aware design, SLOs, postmortems, or safe firewall governance


Benefits


What's in it for you?

  • A focus on professional development
  • Interesting and challenging projects
  • Fully remote work with flexible working hours, that allows you to schedule your day and work from any location worldwide
  • Paid 24 days of vacation per year, 10 days of national holidays, and unlimited sick leaves
  • Compensation for private medical insurance
  • Co-working and gym/sports reimbursement
  • Budget for education
  • The opportunity to receive a reward for the most innovative idea that the company can patent

By applying for this position, you consent to the processing of your personal data as described in our Privacy Policy (https://cloudlinux.com/candidate-privacy-notice ), which provides detailed information on how we maintain and handle your data.
Apply Now
Job Overview
Posted Date Jun 17, 2026
Employment Type Full-time
Experience Level Mid-Senior level
Location Montenegro
Category Devops
Company CloudLinux
Mentioned Skills
gitlab ci cloudflare calico vpn storage firewall bgp firewalls ipsec dns nat ipv6 git kubernetes aws terraform ansible linux cloud gitlab network security
Industries
non-profit organizations and primary and secondary education

Similar Jobs

Explore other opportunities that match your interests

DevOps Automation Engineer (Platform Operations)
Devops
•
6m ago
Visa Sponsorship Relocation Remote
Job Type Contract
Experience Level Not Applicable

Actalent

United State

DevOps Engineer
Devops
•
44m ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Associate

netrolynx ai

United State

Senior Cloud Computing Specialist - AI Research Lab Task Design

Devops
•
45m ago

Premium Job

Sign up is free! Login or Sign up to view full details.

•••••• •••••• ••••••
Job Type ••••••
Experience Level ••••••

Mercor

United State

Subscribe our newsletter

New Things Will Always Update Regularly