DDOT - Field Network Engineer — ITS Infras. (801306)

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Technology, Network Engineering, or a related field (or equivalent professional experience)--Required 15 Years
• Conveying technical and functional concepts for a specific technical specialty--Required 11 Years
• Preparing complex technical documentation--Required 11 Years
• Experience with Intelligent Transportation Systems (ITS) including traffic signal controllers, CCTV/video surveillance transport, and traffic management--Required 11 Years
• Experience with LTE/5G failover solutions--Required 7 Years
• Network automation skills using Ansible or Python-based scripting--Required 11 Years
• Knowledge of IoT security and segmentation best practices--Required 5 Years
• Knowledge of high-availability network design, redundant architectures, and disaster recovery planning--Required 8 Years
• Fiber optic network experience — including single-mode fiber design, SFP/SFP+ transceivers--Required 11 Years
• Prior experience working with a state or municipal Department of Transportation--Required 10 Years
• Active CCNA Certification--Required

Nice To Haves

• CCIE Enterprise Infrastructure, Certified Fiber Optic Technician (CFOT) or equivalent, CompTIA Network+ or Security+ ITIL v4 Foundation

Responsibilities

• Deploy and support Cisco DMVPN (Phase 2/Phase 3) hub-and-spoke and spoke-to-spoke overlay networks across Metro Ethernet transport.
• Configure and troubleshoot IPsec VPN profiles, GRE tunnels, NHRP mappings, and tunnel interfaces for the DMVPN fabric.
• Implement dynamic routing protocols (BGP, OSPF, EIGRP) over DMVPN tunnels to support automated failover and optimal path selection.
• Design failover and redundancy strategies, including LTE/5G backup paths, to ensure uninterrupted connectivity during circuit or equipment outages.
• Monitor tunnel health, latency, and throughput to maintain performance standards across all VPN connections.
• Coordinate with service providers on Metro Ethernet circuit provisioning (E-Line, E-LAN), turn-up, and incident resolution.
• Manage dual-WAN redundancy models and carrier handoff configurations at each site.
• Perform field installations and cutovers of routers, switches, cabinets, and handoff equipment.
• Manage VLAN configurations, IP addressing schemes, and Layer 2/Layer 3 connectivity between remote aggregation points and headend data centers.
• Implement and maintain network segmentation using VRFs, VLANs, and firewall policies to isolate ITS traffic domains.
• Apply and tune QoS policies to prioritize latency-sensitive traffic such as signal control and video.
• Troubleshoot network issues end-to-end from field site through WAN transport to data center.
• Maintain accurate network documentation including diagrams, IP assignments, equipment inventories, and configuration records.
• Support Dot’s traffic signal control systems, CCTV/video surveillance platforms, and IoT field devices by ensuring reliable, low-latency transport connectivity.
• Coordinate field cabinet upgrades to accommodate new network equipment, including power and environmental requirements.
• Manage the migration of remote aggregation points from legacy infrastructure to modern DMVPN-based transport.
• Monitor network performance, availability, and service-level compliance across all ITS transport links.
• Ensure all network connections utilize encrypted communications per DDOT and District government security policies.
• Manage VPN certificate lifecycles, key rotation, and trust domain configurations.
• Implement IoT security and segmentation best practices for field-deployed devices.
• Support security audits, vulnerability assessments, and remediation efforts on ITS network infrastructure.