Nsx-T Engineer

Candidate must be US Citizen or Green Card holder

SCOPE OF SERVICES

We are looking for NSX-T Engineer consultant who will be responsible for reviewing and creating NSX-T firewall rules as well as managing overlay segments and gateway firewalls. The VMWare NSX-T technology being deployed for the FIM Project is new and currently there are no team members that have the individual skill set to manage this new converged technology, which consist of knowledge from Sever, Networking and Security disciplines upon completion.

RESPONSIBILITIES

Providing implementation services for the VMware VCF Software suite of tools (SDDC, vSphere, vSAN, NSX-T, Aria)

Configure T L4/L7 Distributed Firewall rules and IDS/IPS functionality

Configure NSX-T Advanced Local and Global Loadbalancer

Implement Software updates and security patches to the VCF environment.

Administer and support the following technologies: VMware NSX-T Datacenter 3.1.3/3.2.x

MANDATORY SKILLS/EXPERIENCE

Note: Candidates who do not have the mandatory skills will not be considered

Minimum 8 years of hands-on experience in software designed network technologies;

Ability to work independently.

BGP peering between NSX-T and Cisco ACI.

NSX-T Distributed and Gateway Firewalls T1/SR with App ID based Layer7 Firewall rules.

Avi Global(DNS) and Local load balancing, with detailed understanding of various loadbalanced methods and layer7 monitoring of pools for SNAT VIPs.

Understanding of VxLAN/Geneve based Federated stretch NSX-T segments.

Must have the ability to understand VMware ESXi vSphere/vCenter 7.x/8.x NSX-T VDS T1/T0 Segments.

Understanding of VCF Cloud foundation, supporting an on-premises cloud solution with NSX-T extensions into AWS and Azure.

The engineer will be required to implement Workspace One/Horizon VDI solution integrated Azure AD and NSX-T identity-based Firewalling.

Strong understanding of IP/IPv6 based networks, subnetting, and advanced routing protocols is required.

Understanding of configuring, and administering VMWare IT server, networking and SAN storage solutions.

Understanding of hyper converged infrastructure and vSAN technology.

Understanding of Automation: Python, Terraform and Ansible pipelines.

Proficient in Microsoft Visio

Detailed understanding of the following protocols and compliance:

BGP

NSX-T Geneve

DNS

Certificate Authority Service

Azure AD Services and IDP solutions

Microsoft Active Directory

Ipv4 and IPv6 protocols

Security Frameworks: NIST800-53 R4, PCI DSS 3.2.1, IRS Pub1075

CERTIFICATION REQUIREMENTS

VMware Certified Advanced Professional - Network Virtualization Design 2023 Required

DESIRABLE SKILLS/EXPERIENCE:

Knowledge of Aria suite of products including vROPs, vCenters, VRA, and Log Insight.

Knowledge of VMware Horizon.

Cisco CCNP Enterprise Preferred

VMware Certified Design Expert - Network Virtualization 2023 Preferred