Network Automation Engineer

Role Overview

Location : Plano TX

We are seeking a highly skilled Network Automation Engineer to lead the design, development, and operationalization of Infrastructure-as-Code (IaC) and DevNetOps pipelines for branch network automation across a regulated BFSI enterprise. The role demands deep expertise in network programmability, controller-based orchestration, and cloud-native automation frameworks, with a strong emphasis on compliance, resilience, and repeatability.

Primary Technical Skills

Automation Frameworks: Proficient in Python, Ansible, Terraform, and GitLab CI/CD for building modular, reusable, and version-controlled automation pipelines.

Network Controllers: Hands-on with Cisco DNAC, Cisco NSO, vManage, and ACI Multi-Site Orchestrator for intent-based provisioning and policy enforcement.

API Integration: Strong experience with REST APIs, NETCONF/YANG, gRPC, and Webhooks for controller and device-level automation.

Data Modeling & Serialization: Proficient in JSON, YAML, XML, and Jinja2 templating for dynamic configuration generation and state validation.

SDN & Cloud-Native Networking: Exposure to SDN controllers, overlay/underlay abstraction, and cloud-integrated branch architectures.

IaC Pipelines: Design and deployment of GitOps workflows, pre-commit hooks, pipeline linting, and automated rollback mechanisms.

Stateful Automation: Use of source-of-truth systems (e.g., NetBox, Nautobot) to drive declarative provisioning and compliance drift detection.

Role-Based Access & Secrets Management: Integration with Vault, AWS Secrets Manager, and RBAC enforcement in automation pipelines.

Change Control Automation: Integration with ServiceNow, JIRA, or custom ITSM APIs for automated change ticket creation and approval gating.

Compliance as Code: Embedding security baselines, linting rules, and policy-as-code into CI/CD pipelines for audit-ready deployments.

Secondary Technical Skills

Monitoring & Observability: Integration with Prometheus, Grafana, InfluxDB, and Telegraf for telemetry collection and visualization.

Secure Coding Practices: Adherence to OWASP Top 10, input validation, token obfuscation, and API rate limiting in automation scripts.

Containerization & Orchestration: Experience with Docker, Kubernetes, and Helm for packaging and deploying automation microservices.

LLM-Based Automation: Exposure to LLM agents, prompt engineering, and natural language-driven orchestration for operational tasks.

Event-Driven Automation: Use of Kafka, RabbitMQ, or webhook triggers to initiate workflows based on telemetry or state changes.

Multi-Domain Integration: Automation across LAN/WAN, wireless, security, and cloud domains using unified orchestration layers.

Configuration Compliance: Use of Batfish, pyATS, or Nornir for pre/post validation, config diffing, and intent assurance.

Topology Discovery & Visualization: Automated generation of network topology maps, dependency graphs, and reachability matrices.

Version Control Best Practices: Branching strategies, merge request validation, and release tagging for network artifacts.

Test-Driven Automation: Implementation of unit tests, mock APIs, and sandbox environments for safe automation rollouts.

Required Experience

8 12 years in network engineering and automation, with 3+ years in controller-driven orchestration and IaC-based deployments.

Proven experience in building, maintaining, and scaling automation pipelines across multi-branch or distributed environments.

Strong scripting and API integration skills with a focus on modularity, error handling, and idempotency.

Experience in regulated industries (BFSI, healthcare, telecom) with emphasis on auditability, compliance, and change governance.

Ability to collaborate across network, security, DevOps, and cloud teams to drive end-to-end automation outcomes.

Preferred Qualifications

Experience in multi-vendor environments (Cisco, Juniper, Arista) with abstraction-layer orchestration.

Exposure to AI/ML-driven automation, including anomaly detection, predictive remediation, and intent inference.

Familiarity with SD-WAN and SSE integration, including policy synchronization, telemetry ingestion, and cross-domain automation.

Understanding of DevSecOps principles, pipeline hardening, and compliance-as-code methodologies.

Knowledge of compliance frameworks: ISO 27001, NIST 800-53, RBI, PCI-DSS, and GDPR.

Certifications (Preferred)

Cisco DevNet Professional or Specialist

HashiCorp Certified: Terraform Associate

Certified Kubernetes Administrator (CKA)

Python Network Automation (PCAP, PCEP)

ITIL Foundation or equivalent