Sr Network Automation Engineer

Job Description
Who You Are

Sr. Network Automation Engineer - Hybrid on site

Santa Clara, CA

Hiring manager says he needs hard core infrastructure system developers who have some knowledge of networking. If you look at network automation landscape, it would be someone who might actually not even be a network engineer - ever, but came into networking through DevOps world.

I need a person who can build a system - architect the solution - pick a database of choice (sql , non-sql, mdm-sql), pick backend framework, front end framework, store data, integrate it into jenkins pipeline, and then use ansible or salt to communicate with network devices to do config management and telemetry.

What We Need to See (Must-Have Skills)

• 6-10+ years in network engineering with experience designing and automating complex networks.

• 6-10+ years of automation experience with Python, Go, Ansible, Terraform, and CI/CD tooling.

• Proven ability to automate Arista EOS and Cumulus Linux environments.

• Experience with firewall automation, particularly Palo Alto (Terraform, Pan-OS Python SDK, APIs).

• Familiarity with GitOps, version control, and pipeline-based change management.

• Strong understanding of BGP, OSPF, VXLAN, EVPN, and multi-vendor networking principles.

Who You Are

You are a network engineer turned automation expert, fluent in infrastructure as code, version control, and event-driven orchestration.

You've built complex automation stacks that deploy, validate, and secure networks at scale - from Day 0 provisioning to Day 2 operations. You're not just comfortable in multi-vendor environments - you thrive in them.

Whether it's Arista EOS, Cumulus Linux, or Palo Alto firewalls, you know how to make them work together through automation.

You believe that networks should be programmable, observable, and intelligent by design.

You write code with reliability in mind and see every problem as a chance to build something better.

You're collaborative, creative, and relentlessly curious - just like us.

What You'll Be Doing

Automating Global Network Deployments

• Design and develop automated workflows for provisioning, configuration, and upgrades across switches, routers, and firewalls.

• Use tools like Ansible, Terraform, Nornir, SaltStack, and programming languages like Python or Go to automate every stage of network lifecycle - Day 0 to Day N.

• Automate configuration and policy deployment for Palo Alto firewalls, Arista EOS, NVIDIA Cumulus, and Cisco platforms using Jinja2 templates and CI/CD pipelines.

Building a Network that Validates Itself

• Implement state validation and compliance enforcement using tools like pyATS, Batfish, SuzieQ, and OpenConfig/YANG models.

• Develop drift detection, remediation logic, and enforce zero-trust configurations at scale. Driving API-Driven & Event-Based Automation

• Build integrations using RESTful APIs, gNMI, NETCONF, and custom toolchains to orchestrate provisioning and policy enforcement.

• Implement event-driven architectures using Kafka, RabbitMQ, or webhooks for realtime responsiveness. Implementing GitOps and CI/CD for Networking

• Build and maintain GitOps-based pipelines using GitHub Actions, Jenkins, or GitLab CI to drive configuration delivery.

• Leverage IaC principles to enable automated rollbacks, testing, and disaster recovery. Powering Observability & Self-Healing Systems

• Integrate streaming telemetry (gNMI, OpenTelemetry, ELK, Prometheus, InfluxDB) to enable real-time observability.

• Automate log correlation, anomaly detection, and corrective actions for self-healing infrastructure. Collaborating, Documenting, and Leading

• Work cross-functionally with DevOps, security, and network architecture teams to shape automation strategy.

• Document frameworks, mentor engineers, and champion best practices in NetDevOps.

Nice to Have (Bonus Points For)

• Experience with CVP (CloudVision Portal) and Cumulus NetQ.

• Exposure to streaming telemetry and event-driven architecture.

• Familiarity with cloud networking across AWS, Azure, or GCP.

• Experience with network inventory management (NetBox/Nautobot).

• Understanding of SASE/SSE architectures, zero-trust security, and automated policy enforcement.