IBERDROLA Renewables
Job Title: Lead Network Engineer
Department: Information Tchnology
Reports to:Director - Network Technology
Location:
In Office ,Orange CT The base salary range for this position is dependent upon experience and location, ranging from: $138,343.20 - $172,929 Job Summary We are seeking a highly skilledSenior Network Engineerto design, implement, manage, and optimize our large-scale, complex network infrastructure spanning350+ locations. This role involves managingMPLS, Dedicated Internet Access (DIA), point-to-point circuits (P2P), Cloud Connects, AWS Direct Connect, and Azure ExpressRoute, along with implementingIPSec VPN, advanced routing (BGP, EIGRP), security policies (NAT, ACLs, route maps), and network automation. The ideal candidate will also be responsible forproactive network monitoring, performance analysis, and security visibilityusing tools likeSNMP-based monitoring, ExtraHop, and other network analytics platformsto ensure optimal uptime, security, and efficiency. Key Responsibilities Architect, deploy, and optimize ascalable, highly available, and secureenterprise network across350+ locations.
Design and maintainMPLS, DIA, P2P circuits, AWS Direct Connect, and Azure ExpressRouteto ensure high-performance connectivity.
Engineer and supportIPSec VPN tunnelsfor secure remote access and inter-site connectivity.
Implement advancedrouting policiesusingBGP, EIGRP, OSPF, static routes, prefix lists, ACLs, and route maps.
Design and maintainenterprise wireless solutionsincludingCisco WLCs and Access Points.
Administer and maintainCisco routers (ISR, ASR) and switches (Catalyst, Nexus).
ManageInfoblox DDI (DNS, DHCP, IPAM) for resilient name resolution.
Configure and maintainCisco ISE for network access control and authentication policies.
Overseenetwork performance monitoring, SNMP-based alerting, and traffic analysis.
UtilizeExtraHop and other deep packet inspection (DPI) toolsfor real-time traffic visibility and network security monitoring.
Troubleshoot network issues, latency, packet loss, and performance bottlenecks across WAN, LAN, and cloud interconnects.
EnforceAAA, TACACS+, RADIUS, and 802.1X authenticationpolicies.
Develop and enforcefirewall policies, NAT configurations, and access control lists (ACLs).
Ensure compliance withISO 27001, NIST, PCI-DSS, and other industry security frameworks.
Work withSecurity Operations (SOC) teamsto mitigate threats, monitor anomalies, and secure network boundaries.
Deploy and maintainSNMP-based monitoring solutions (SolarWinds, PRTG, Thousand Eyes, Cisco DNA Center, etc.).
ImplementExtraHop for deep packet analysis, application monitoring, and network anomaly detection.
Automate network tasks usingPython, Ansible, Terraform, or equivalent.
OptimizeQoS policies, WAN acceleration, and traffic engineering techniquesto enhance application performance.
Performcapacity planning and proactive performance analysisto optimize network usage and prevent congestion.
Design, deploy, and managehybrid cloud network architecturesinAWS and Azure.
ImplementAWS Direct Connect and Azure ExpressRoute for high-speed cloud connectivity.
Optimizecloud Networks, VPN peering, and virtual network gateways.
Maintain up-to-datenetwork documentation, topology diagrams, and runbooks.
Collaborate withIT, Security, and Infrastructure teamsto align network initiatives with business objectives.
Providetechnical mentorshipto junior network engineers and cross-functional teams.
Required Qualifications & Skills 8-10 years of hands-on experience in network engineering, architecture, and operations.
Strong expertise inMPLS, DIA, P2P circuits, AWS Direct Connect, and Azure ExpressRoute.
Deep knowledge ofrouting protocols (BGP, EIGRP, OSPF), IPSec VPN, NAT, ACLs, route maps.
Extensive experience withCisco routers (ISR, ASR) and switches (Catalyst, Nexus).
Proficiency innetwork monitoring and SNMP-based solutions (SolarWinds, PRTG, ThousandEyes, Cisco DNA Center, etc.).
Hands-on experience withExtraHop for deep packet inspection and traffic analytics.
Experience withInfoblox (DNS, DHCP, IPAM) and Cisco ISE (802.1X, NAC, authentication).
Strong knowledge ofwireless networking (Cisco WLCs, Access Points, RF design, and security policies).
Scripting andnetwork automation experience (Python, Ansible, Terraform, or equivalent tools).
Ability to analyzepacket captures, NetFlow, SNMP logs, and real-time network telemetry.
Certifications Cisco CCNP / CCIE (Enterprise, Security, or Service Provider)
AWS Advanced Networking Specialty
Microsoft Certified: Azure Network Engineer Associate
ExtraHop Certified Professional (ECP)
Infoblox Core DDI Certification
Company: THE SOUTHERN CONNECTICUT GAS COMPANY Mobility Information Please note that any applicant who is not a of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. At Avangrid we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of , , , , , , , marital status, , protected veteran status or any other status protected by federal, state, or local law. If you are an individual with a or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our People and Organization department at careers@avangrid.com. Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within Avangrid Network and Corporate functions. This does not include those that will work for Avangrid Power. Job Posting End Date: September-22-2025 #J-18808-Ljbffr
In Office ,Orange CT The base salary range for this position is dependent upon experience and location, ranging from: $138,343.20 - $172,929 Job Summary We are seeking a highly skilledSenior Network Engineerto design, implement, manage, and optimize our large-scale, complex network infrastructure spanning350+ locations. This role involves managingMPLS, Dedicated Internet Access (DIA), point-to-point circuits (P2P), Cloud Connects, AWS Direct Connect, and Azure ExpressRoute, along with implementingIPSec VPN, advanced routing (BGP, EIGRP), security policies (NAT, ACLs, route maps), and network automation. The ideal candidate will also be responsible forproactive network monitoring, performance analysis, and security visibilityusing tools likeSNMP-based monitoring, ExtraHop, and other network analytics platformsto ensure optimal uptime, security, and efficiency. Key Responsibilities Architect, deploy, and optimize ascalable, highly available, and secureenterprise network across350+ locations.
Design and maintainMPLS, DIA, P2P circuits, AWS Direct Connect, and Azure ExpressRouteto ensure high-performance connectivity.
Engineer and supportIPSec VPN tunnelsfor secure remote access and inter-site connectivity.
Implement advancedrouting policiesusingBGP, EIGRP, OSPF, static routes, prefix lists, ACLs, and route maps.
Design and maintainenterprise wireless solutionsincludingCisco WLCs and Access Points.
Administer and maintainCisco routers (ISR, ASR) and switches (Catalyst, Nexus).
ManageInfoblox DDI (DNS, DHCP, IPAM) for resilient name resolution.
Configure and maintainCisco ISE for network access control and authentication policies.
Overseenetwork performance monitoring, SNMP-based alerting, and traffic analysis.
UtilizeExtraHop and other deep packet inspection (DPI) toolsfor real-time traffic visibility and network security monitoring.
Troubleshoot network issues, latency, packet loss, and performance bottlenecks across WAN, LAN, and cloud interconnects.
EnforceAAA, TACACS+, RADIUS, and 802.1X authenticationpolicies.
Develop and enforcefirewall policies, NAT configurations, and access control lists (ACLs).
Ensure compliance withISO 27001, NIST, PCI-DSS, and other industry security frameworks.
Work withSecurity Operations (SOC) teamsto mitigate threats, monitor anomalies, and secure network boundaries.
Deploy and maintainSNMP-based monitoring solutions (SolarWinds, PRTG, Thousand Eyes, Cisco DNA Center, etc.).
ImplementExtraHop for deep packet analysis, application monitoring, and network anomaly detection.
Automate network tasks usingPython, Ansible, Terraform, or equivalent.
OptimizeQoS policies, WAN acceleration, and traffic engineering techniquesto enhance application performance.
Performcapacity planning and proactive performance analysisto optimize network usage and prevent congestion.
Design, deploy, and managehybrid cloud network architecturesinAWS and Azure.
ImplementAWS Direct Connect and Azure ExpressRoute for high-speed cloud connectivity.
Optimizecloud Networks, VPN peering, and virtual network gateways.
Maintain up-to-datenetwork documentation, topology diagrams, and runbooks.
Collaborate withIT, Security, and Infrastructure teamsto align network initiatives with business objectives.
Providetechnical mentorshipto junior network engineers and cross-functional teams.
Required Qualifications & Skills 8-10 years of hands-on experience in network engineering, architecture, and operations.
Strong expertise inMPLS, DIA, P2P circuits, AWS Direct Connect, and Azure ExpressRoute.
Deep knowledge ofrouting protocols (BGP, EIGRP, OSPF), IPSec VPN, NAT, ACLs, route maps.
Extensive experience withCisco routers (ISR, ASR) and switches (Catalyst, Nexus).
Proficiency innetwork monitoring and SNMP-based solutions (SolarWinds, PRTG, ThousandEyes, Cisco DNA Center, etc.).
Hands-on experience withExtraHop for deep packet inspection and traffic analytics.
Experience withInfoblox (DNS, DHCP, IPAM) and Cisco ISE (802.1X, NAC, authentication).
Strong knowledge ofwireless networking (Cisco WLCs, Access Points, RF design, and security policies).
Scripting andnetwork automation experience (Python, Ansible, Terraform, or equivalent tools).
Ability to analyzepacket captures, NetFlow, SNMP logs, and real-time network telemetry.
Certifications Cisco CCNP / CCIE (Enterprise, Security, or Service Provider)
AWS Advanced Networking Specialty
Microsoft Certified: Azure Network Engineer Associate
ExtraHop Certified Professional (ECP)
Infoblox Core DDI Certification
Company: THE SOUTHERN CONNECTICUT GAS COMPANY Mobility Information Please note that any applicant who is not a of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. At Avangrid we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of , , , , , , , marital status, , protected veteran status or any other status protected by federal, state, or local law. If you are an individual with a or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our People and Organization department at careers@avangrid.com. Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within Avangrid Network and Corporate functions. This does not include those that will work for Avangrid Power. Job Posting End Date: September-22-2025 #J-18808-Ljbffr