Senior Specialist, Plant Network

Job Purpose:

Perform the network design, implementation, troubleshooting for Global Ceer IT Network Infrastructure and Operations services with focus on enterprise and industrial LAN/WAN, Network Security and Wireless technology and equipment.

Participate in CAB reviews (Change Management).

Education:

• Bachelor in Computer Science, Information Technology, Engineering or Related
• Preferred: Cisco CCIE/CCNP R&S, Security, Wireless, VoIP, Fortinet FortiGate Certification, ITIL v3+ Foundation

Skills & Competencies:

• Strong hands-on network implementation and design engineering skills in enterprise and industrial networks
• Team player
• Desire to learn new technology and continuous Improvement
• Strong oral, written communication and presentation skills
• Service and customer oriented, Process Oriented & disciplined
• Strong analytical/problem solving skills
• Ability to influence & educate
• Proven ability to successfully interface with service providers, vendors and work collaboratively with stakeholders to achieve positive outcomes.

Minimum Experience:

• 7+ years of experience in network and security design, implementation with strong hands-on network engineering skills working in a large enterprise environment or with a government entity

Key Accountabilities:

• Experienced Senior Network Engineer with hands-on network engineering skills, designing and implementing solutions in the Enterprise and Industrial Ethernet Cisco routing and switching, network security (FortiGate Firewalls/Network Access Control/Cisco ISE) and wireless (CURWB) space in areas such as local area network, network core/access layer, Internet Edge, WAN, SD-WAN, perimeter firewall, enterprise wireless, access control and data center, etc
• Deep technical knowledge in design, configuration, deployment of a broad range of Cisco Enterprise network technology and equipment in the large Enterprise environment, including LAN/WAN, Enterprise network security, Wireless, in complex, highly available and redundant setups.
• Deep technical knowledge in design, configuration, deployment of a broad range of Cisco Industrial network technology and equipment in the large manufacturing environment, including Industrial Ethernet LAN (IE3400./IE3105/IE9230 switches), Cisco Industrial Wireless(Cisco Ultra Reliable Wireless Backhaul) – IW9167E access points, in complex, highly available and redundant setups.
• Extensive hands-on experience designing, building, configuring, maintaining and troubleshooting Cisco switches and routers, including Cisco Catalyst 9300/9500 series switches, ISR 4xxx, 8xxx series Routers, Cisco ASA/Firepower firewalls,  FortiGate Firewalls, Cisco 9xxx series Access Points, Cisco Wireless LAN Controllers, Cisco ISE, DNA Center, CCIE/CCNP R&S, Security qualified or equivalent knowledge
• Deep technical knowledge, design and implementation experience of LAN/WAN technology, standards and protocols, such as TCP/IP, VLAN, ACLs, Multicast, Inter-VLAN routing, Spanning-tree protocols: RSTP, MST, link aggregation LACP, PAGP, gateway redundancy protocols HSRP, VRRP, QoS, Cisco stack wise and virtual stacking, Cisco Nexus data centre switching
• Deep technical knowledge, design and implementation experience of Cisco/Fortinet enterprise network security technologies and standards, such as Cisco/Fortinet firewalls, firewall policies, Site-to-Site IPSEC VPN, VPN client, NAT/PAT, firewall HA clustering, failover
• Deep technical knowledge, design and implementation experience in Enterprise routing: distance-vector and link-state routing protocols: EIGRP, OSPF, BGP, policy-based routing, route filtering, NAT/PAT, WAN technologies: SD-WAN, MPLS, IPVPN.
• Deep technical knowledge, design and implementation of user authentication protocols 802.1X, certificate authentication, PKI, EAP-TLS, TACACS/RADIUS, ISE policies etc…
• Working with carriers on Data and Voice Circuits: DIA, IPVPN, SIP trunks, etc.
• Technical knowledge, design and implementation experience of Cisco Wireless Network Access Control, Cisco ISE, RADIUS/TACACS, AAA
• Deep technical knowledge, design and experience implementing Cisco enterprise Wireless solutions, including Cisco WLCs and Cisco LWAP in local and flex-connect mode
• Knowledge of and experience with Cloud and virtual environments (MS Azure, VMWare) configuring and maintaining peering of On-Prem network infrastructure to Azure Cloud Virtual network.
• Awareness and knowledge in emerging network technologies, such as Cisco SD-Access, SD-WAN, Cisco DNA Center
• Experience with Microsoft Active Directory and how it is used to deliver integrated secure enterprise network access solutions to clients
• Work with and build good relationships with External Service Providers and Product Vendors
• Develops and maintains technology service, technical standards and process documents relating to network IT services
• Is responsible for root cause analysis and subsequent resolution of action items affecting network equipment reliability and reduction of failure rates and downtime of IT/OT services
• Develops maintenance strategies and plans to maintain all production and non-production assets to support business operations
• Contribute to the Knowledge System and share knowledge within the first line support team
• Manage ongoing technology delivery to service level agreements from projects to application and business owner for Hosting
• Recommends Cost savings/efficiencies
• Proactive in learning and taking certifications for R&S, Security, Wireless, VoIP solutions.

Champion process automation being effective in writing scripts, using automation tools such as Ansible to speed up tasks and increase quality