Network Management Services Engineer (Day-2 Operations)

Network Management Services Engineer (Day-2 Operations)

Ang Mo Kio

Contract (12 months renewable)

Base Salary – $6,000 – $8,000

Upon completion of 12 months’ contract (subject to attendance, performance, etc.)

Provide secure, resilient, and continuously available enterprise network services through controlled Day‑2 operations, ensuring service levels, security compliance, and operational readiness following formal handover from implementation teams.

• Stable and highly available network services aligned to agreed service levels.
• Secure network posture enforced through access control, segmentation, and policy governance.
• Predictable incident response and restoration through ITIL‑aligned processes.
• Controlled network changes with documented risk, approval, and validation.
• Continuous visibility into network performance, utilization, and capacity risks.
• Demonstrable compliance with patching, hardening, and audit requirements.

• Day‑to‑day administration of enterprise network infrastructure after formal handover.
• Continuous review of network logs, audit trails, and operational alerts.
• Management of network access controls, authentication, authorization, and accounting.
• IP address management, routing configuration administration, and network housekeeping.
• Backup, restoration, and documentation of network configurations.
• Maintenance of accurate network topology, configuration, and operational records.

• Operation of network access control and posture validation mechanisms.
• Enforcement of segmentation and controlled access workflows prior to service enablement.
• Administration of firewall policies, access rules, and security configurations.
• Review and analysis of security events, violations, and anomalous traffic patterns.
• Recommendation and implementation of corrective and preventive security measures.

• Network incident management aligned to defined service levels and escalation paths.
• Root cause analysis and problem management for recurring or high‑impact incidents.
• Change planning, risk and impact assessment, approval coordination, and execution.
• Post‑change service verification to confirm network stability and functionality.
• Coordination with third‑party support providers where required, with operational ownership retained.

• Planned preventive and corrective maintenance with documented risk and impact assessments.
• Graceful shutdown and startup of network equipment during approved maintenance windows.
• On‑site or remote standby support during infrastructure or facility maintenance activities.
• Monitoring of hardware warranties, support contracts, and lifecycle milestones.
• Proactive notification of upcoming renewals or end‑of‑support conditions.

• Continuous monitoring of network availability, latency, utilization, and health indicators.
• Threshold‑based alerting and proactive response to performance degradation.
• Traffic flow analysis to identify bottlenecks, underutilization, and growth trends.
• Capacity and performance recommendations based on observed usage patterns.
• Integration of monitoring outputs into incident and problem management workflows.

• Automation of common and repeatable operational tasks where appropriate.
• Automation must remain auditable, secure, and compliant with operational controls.
• Automation shall not bypass approval, change, or security governance requirements.

• Network architecture design or initial implementation activities.
• Major technology refreshes or platform migrations unless separately commissioned.
• Activities outside the defined scope without formal service request or change approval.

• Services are delivered in alignment with ITIL practices, including Incident, Problem, Change, Configuration, and Knowledge Management.
• All operational activities are subject to documented approvals, auditability, and evidence retention.
• Security hardening and patch compliance are treated as mandatory operational controls.
• Disputes on fault ownership shall be supported by logs, metrics, and documented analysis.

• Monthly service reports covering:

• Network availability and service level performance.

• Incident volumes, response times, and resolution trends.

• Change activity and success rates.

• Security posture and compliance status.

• Network utilization and performance analysis reports.
• Patch, configuration, and access compliance evidence.
• Ad‑hoc reports provided upon request, subject to agreed timelines.

The Network Management Service provides Day‑2 operational support for the following network platforms and technologies. These define the minimum platform competency coverage required for service delivery.

• Cisco Application Centric Infrastructure (ACI)

• Nexus 9000 series spine, leaf, border, service, and copper leaf switches

• APIC controller clusters

• Fabric policy, tenant, VRF, endpoint group, and contract operations

• • Cisco SAN switches

• Fibre Channel zoning, path management, and fabric health monitoring

• Software‑Defined Access (SDA)

• Cisco DNA Center appliances

• Fabric lifecycle management and policy operations

• • Cisco Identity Services Engine (ISE)

• TACACS servers

• Network access control, posture validation, and segmentation enforcement

• SD‑WAN Platforms

• Cisco SD‑WAN controllers

• Policy‑based routing, overlay and underlay monitoring

• • Cisco C8500 series routers

• Cisco C9500 series switches

• Routing, high availability, and performance management

• Firewall and Policy Enforcement

• Firewall rule administration and secure routing

• Integration with upstream and downstream security platforms

• Load Balancing and Traffic Management

• Enterprise load balancing platforms where applicable

• Traffic distribution, availability, and performance optimization

• Flow and Traffic Analytics

• NetFlow collectors

• NetFlow analytics consoles

• NetFlow data stores

• Network Monitoring and Forensics

• Traffic analysis, anomaly detection, and investigation support

• 24x7 operational monitoring and incident response (where contracted)
• Configuration backup, restoration, and drift detection.
• Patch and firmware management in accordance with approved timelines.
• Controlled change execution with post‑change validation.
• Security posture enforcement and compliance reporting.
• Integration with service management and reporting platforms.

• Day‑2 operational responsibility commences only after formal handover and acceptance.
• Network designs, baselines, and architectures are provided by the implementation phase.
• Required access, documentation, and tooling are made available at service commencement.

The Network Management Service is considered successfully delivered when:

• Network services meet agreed service levels.
• Incidents, changes, and problems are handled within defined controls.
• Security, patching, and configuration compliance evidence is maintained.
• Reporting and audit requirements are satisfied.

• Minimum ITE/Diploma/Degree in Computer Science or relevant disciplines.
• Minimum 4 years experience in Network Security concepts.
• Cisco CCNA Certified or an alternative Networking Certification.
• Strong hands‑on knowledge with Networking products, e.g., routers, firewalls, switches.
• Subject matter expert in Network configuration and planning.

For a confidential discussion, interested applicants please kindly send your updated resume.