Staff Network Engineer (Menlo Park, CA or Durham, NC) #4507 jobs in United States
cer-icon
Apply on Employer Site
company-logo

GRAIL · 2 days ago

Staff Network Engineer (Menlo Park, CA or Durham, NC) #4507

positionMenlo Park, CA
timeFull-time
remoteHybrid
seniorityLead/Staff
money$135K/yr - $179K/yr
date10+ years exp

GRAIL is a healthcare company focused on early cancer detection through innovative technologies. They are seeking a Staff Network Engineer to lead the design, implementation, and troubleshooting of their cloud and hybrid network infrastructure, ensuring reliability and performance in AWS and on-prem environments.

BiotechnologyHealth CareHealth DiagnosticsMedicalMedical Device
check
H1B Sponsor Likelynote

Responsibilities

Staff Network Engineering - AWS and Hybrid Cloud
AWS VPC Engineering
Design, build, and maintain Amazon VPCs including CIDR planning, subnet design (public/private), route tables, Internet Gateways (IGW), NAT gateways, and VPC endpoints (Interface/Gateway)
Configure and manage security controls such as Security Groups, NACLs, AWS Network Firewall, and AWS WAF for defense‑in‑depth across environments
Hybrid Connectivity
Implement and support hybrid connectivity using AWS Direct Connect, Site‑to‑Site VPNs, and AWS Transit Gateway for scalable VPC‑to‑VPC and on‑prem connectivity
Traffic Management & DNS
Configure Amazon Route 53 for internal and external DNS, routing policies, health checks, and failover
Deploy and manage Elastic Load Balancing (ALB/NLB/GLB) to provide high availability, SSL termination, path‑based routing, and/or TCP/UDP load balancing
On‑Prem & Data Center Networking
Operate and troubleshoot on‑prem and data center networks using Juniper and Aruba platforms (switching, routing, VLANs, VRFs, BGP/OSPF)
Configure, manage, and tune Palo Alto Networks firewalls, including security policies, NAT, VPN, and content inspection
Monitoring, Logging & Dashboards
Design and implement end‑to‑end monitoring, alerting, and dashboards for network health, performance, and security, leveraging tools such as:
VPC Flow Logs, CloudWatch metrics/logs, and Route 53 health checks
Firewall logs and on‑prem device telemetry
Build and maintain dashboards for:
Link utilization, latency, packet loss, and error rates (DX, VPN, TGW, campus links)
Load balancer health, connection metrics, and capacity
DNS performance and resolution issues
Establish actionable alerting thresholds and runbooks to support rapid incident triage and resolution
Capacity Planning & Performance
Perform ongoing capacity planning for AWS networking (VPCs, TGW, DX, VPN, load balancers) and on‑prem links, forecasting growth and identifying bottlenecks
Analyze traffic patterns and utilization data to right‑size connectivity, optimize routing, and plan upgrades before they become constraints
Run performance tests and baselines (throughput, latency, failover behavior) and tune configurations accordingly
Incident Response & Troubleshooting
Lead network‑related incident response, including real‑time troubleshooting across layers (DNS, TCP/IP, TLS, HTTP, internal app protocols)
Drive root‑cause analysis (RCA) and implement corrective and preventive actions (runbooks, automation, design changes)
Architecture & Design (Significant Component)
Own end‑to‑end network architecture for multi‑account, multi‑region AWS environments, ensuring scalability, reliability, observability, and security
Develop and maintain network reference architectures and patterns for:
Isolated and regulated environments
Service‑to‑service connectivity using PrivateLink, VPC peering, and/or VPC Lattice
Ingress/egress patterns through ELB, Global Accelerator, and centralized egress VPCs
Design application connectivity, segmentation, and zero‑trust network patterns in partnership with Security and Platform teams
Evaluate and introduce advanced AWS networking capabilities (e.g., AWS App Mesh, Amazon VPC Lattice, AWS Global Accelerator) where they provide clear operational or performance benefits
Ensure architectural designs explicitly include observability and capacity planning requirements (telemetry, KPIs, SLOs)
Automation, Tooling & Governance
Build and maintain infrastructure‑as‑code for network components (e.g., Terraform/CloudFormation modules for VPCs, TGWs, Direct Connect, routing, firewall rules)
Integrate network provisioning and configuration into CI/CD pipelines to support safe, auditable, and repeatable deployments
Automate generation and updates of network monitoring, logging, and dashboard configurations where possible
Define and codify network standards, guardrails, and best practices for AWS and on‑prem networking, including monitoring and capacity baselines
Partner with Security and Compliance to ensure designs and implementations meet regulatory and internal policy requirements, including logging and retention requirements
Collaboration & Leadership
Act as the primary subject matter expert for AWS networking, hybrid connectivity, and network observability, providing guidance to platform, SRE, security, and application teams
Mentor other engineers on networking fundamentals, AWS networking, performance troubleshooting, and effective monitoring/dashboards
Lead and review technical designs, RFCs, and architectural decisions for network‑related projects
Communicate complex networking concepts, trade‑offs, and capacity risks to both technical and non‑technical stakeholders

Qualification

AWS networkingAmazon VPCJuniper networkingPalo Alto firewallsNetwork monitoringInfrastructure-as-codeRouting/switchingCapacity planningTroubleshooting skillsCommunication skills

Required

10+ years of experience in network engineering, with at least several years in a senior/staff or architecture-oriented role
Deep, hands-on experience with AWS networking: Amazon VPC (CIDR design, subnets, IGW/NAT, route tables, endpoints)
Security Groups and NACLs
AWS Transit Gateway, Site-to-Site VPN, and AWS Direct Connect
Route 53 and ELB (ALB/NLB/GLB)
Strong enterprise/data center networking experience: Juniper and/or Aruba networking platforms
Routing/switching (BGP, OSPF, VLANs, VRFs, link aggregation, redundancy protocols)
Hands-on experience with Palo Alto Networks firewalls (policy management, NAT, VPN, content inspection)
Demonstrated experience setting up monitoring, logging, and dashboards for network infrastructure (cloud and on-prem), and using this data for incident response and capacity planning
Proven track record building and operating secure, highly available, and scalable network infrastructures in production
Solid understanding of network security principles, segmentation, and zero-trust concepts
Strong troubleshooting skills across layers (DNS, TCP/IP, TLS, HTTP, internal app protocols)
Excellent communication skills and experience working in cross-functional, fast-moving environments

Preferred

Experience in healthcare, life sciences, or other highly regulated or security-sensitive environments
Experience with: AWS Network Firewall, AWS WAF
AWS App Mesh and/or Amazon VPC Lattice
AWS Global Accelerator and edge networking patterns
Proficiency with infrastructure-as-code (e.g., Terraform, CloudFormation) and automation/scripting (Python, Bash, PowerShell, etc.)
Experience designing SLOs, KPIs, and alerting strategies for network reliability and performance
Familiarity with SD-WAN, SASE, and/or Zero Trust Network Access (ZTNA) solutions
Relevant certifications such as AWS Certified Advanced Networking – Specialty, CCNP/CCIE, or Palo Alto Networks certifications

Benefits

Flexible time-off or vacation
A 401(k) retirement plan with employer match
Medical, dental, and vision coverage
Carefully selected mindfulness programs

Company

GRAIL

twittertwittertwitter
Glassdoor3.5
company-logo
Grail is a healthcare company that develops pan-cancer screening tests designed to detect cancers at an early stage.
dateFounded in 2016
location
Menlo Park, California, USA
people-size1001-5000 employees
web-link
https://www.grail.com

H1B Sponsorship

GRAIL has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (21)
2024 (26)
2023 (23)
2022 (46)
2021 (25)
2020 (9)

Funding

Current Stage
Public Company
Total Funding
$2.44B
Key Investors
ARCH Venture PartnersIllumina
2025-10-20Post Ipo Equity· $325M
2025-10-16Post Ipo Equity· $110M
2024-06-13IPO

Leadership Team

leader-logo
Satnam Alag
Senior Vice President Software Engineering and Chief Security Officer
linkedin
leader-logo
Joshua J. Ofman
President
linkedin

Recent News

GenomeWeb
Grail Reports Preliminary FY2025 Revenue Growth at JPM Healthcare Conference
2026-01-16
GenomeWeb
At JP Morgan, Grail Projects 18 Percent Growth in FY25 Revenue
2026-01-14
thefly.com
Grail sees Q4 revenue $43M-$44M, consensus $42.17M
2026-01-13
Company data provided by crunchbase