Network Automation Engineer

About The Position

Requirements

• Bachelor’s degree in Information Technology, Computer Engineering, or related field.
• 3+ years of network engineering experience in an enterprise environment.
• Deep knowledge of L2/L3 routing and switching (Cisco, Arista, or equivalent).
• Strong experience with large enterprise network BGP implementations (both on premises and cloud).
• Strong experience with VRFs, segmentation, QoS, STP, MLAG/VPC and related redundancy protocols.
• Strong hands-on experience with Palo Alto firewalls and Panorama-managed deployments.
• Experience designing and supporting enterprise wireless (Aruba, Cisco, or equivalent).
• Experience with Python and/or Ansible, Git, and the fundamentals of CI/CD facilitated network automation.
• Strong communication skills; ability to lead technical discussions and mentor others.
• Some travel is required.
• Eligible to work in the United States without the need for employer visa sponsorship now or in the future.

Nice To Haves

• Cisco or Arista certifications (CCNP, Devnet, ACE etc.).
• Palo Alto Networks Certified Network Security Engineer (PCNSE).
• Aruba Certified Mobility Associate (ACMA) or Aruba Certified ClearPass Professional (ACCP).
• Formal training or certification in NERC CIP compliance.
• Working knowledge of NERC CIP standards and their application to critical infrastructure and/or formal training or certification in NERC CIP compliance.
• Experience in the energy, utilities, or critical infrastructure sectors.
• Familiarity with network monitoring/observability and management tools (PRTG, Prometheus, Solarwinds, etc.).
• ITIL 4.0 Foundations or other ITIL certification.

Responsibilities

• Architect scalable Layer 2/3 and Layer 3 focused network designs for datacenters, corporate campuses, OT sites, and the global WAN.
• Design and deploy BGP-centric architectures, including multi-site routing, route-policy design, and path-engineering.
• Design and deploy VXLAN BGP EVPN datacenter fabrics (Arista MSS, Cisco, or equivalent), including VTEPs, MLAG, VRFs, security segmentation, and east-west flow policy.
• Develop global network standards, patterns, and declarative code-driven reference architectures to improve consistency across all Invenergy facilities.
• Efficiently deploy, manage, and troubleshoot network firewalls (Primarily Palo Alto, Azure, and Fortinet), VPNs, and implement network security policies in partnership with security and compliance stakeholders.
• Design security segmentation strategies that align with NERC CIP requirements (ESP/PSP boundaries, EACMS, monitoring, log retention).
• Collaborate with cross-functional teams on project delivery, change management, and security/compliance workflows.
• Build and maintain repeatable and testable network automation workflows using Python, Ansible, Git-based CI/CD, and modern configuration-management practices.
• Collaborate and develop systems, not one-off scripts: enforce idempotent workflows, automated validation, linting, and policy guardrails.
• Participate in a 24×7 on-call rotation to provide critical support as an expert network escalation resource.

Benefits

• Invenergy offers a variety of other benefits including medical, dental and vision insurance, 401k, paid time off, etc.