Job Description
Candidate must be US Citizen or Green Card holder
SCOPE OF SERVICES
We are looking for NSX-T Engineer consultant who will be responsible for reviewing and creating NSX-T firewall rules as well as managing overlay segments and gateway firewalls. The VMWare NSX-T technology being deployed for the FIM Project is new and currently there are no team members that have the individual skill set to manage this new converged technology, which consist of knowledge from Sever, Networking and Security disciplines upon completion.
RESPONSIBILITIES
Providing implementation services for the VMware VCF Software suite of tools (SDDC, vSphere, vSAN, NSX-T, Aria)
Configure T L4/L7 Distributed Firewall rules and IDS/IPS functionality
Configure NSX-T Advanced Local and Global Loadbalancer
Implement Software updates and security patches to the VCF environment.
Administer and support the following technologies: VMware NSX-T Datacenter 3.1.3/3.2.x
MANDATORY SKILLS/EXPERIENCE
Note: Candidates who do not have the mandatory skills will not be considered
Minimum 8 years of hands-on experience in software designed network technologies;
Ability to work independently.
BGP peering between NSX-T and Cisco ACI.
NSX-T Distributed and Gateway Firewalls T1/SR with App ID based Layer7 Firewall rules.
Avi Global(DNS) and Local load balancing, with detailed understanding of various loadbalanced methods and layer7 monitoring of pools for SNAT VIPs.
Understanding of VxLAN/Geneve based Federated stretch NSX-T segments.
Must have the ability to understand VMware ESXi vSphere/vCenter 7.x/8.x NSX-T VDS T1/T0 Segments.
Understanding of VCF Cloud foundation, supporting an on-premises cloud solution with NSX-T extensions into AWS and Azure.
The engineer will be required to implement Workspace One/Horizon VDI solution integrated Azure AD and NSX-T identity-based Firewalling.
Strong understanding of IP/IPv6 based networks, subnetting, and advanced routing protocols is required.
Understanding of configuring, and administering VMWare IT server, networking and SAN storage solutions.
Understanding of hyper converged infrastructure and vSAN technology.
Understanding of Automation: Python, Terraform and Ansible pipelines.
Proficient in Microsoft Visio
Detailed understanding of the following protocols and compliance:
BGP
NSX-T Geneve
DNS
Certificate Authority Service
Azure AD Services and IDP solutions
Microsoft Active Directory
Ipv4 and IPv6 protocols
Security Frameworks: NIST800-53 R4, PCI DSS 3.2.1, IRS Pub1075
CERTIFICATION REQUIREMENTS
VMware Certified Advanced Professional - Network Virtualization Design 2023 Required
DESIRABLE SKILLS/EXPERIENCE:
Knowledge of Aria suite of products including vROPs, vCenters, VRA, and Log Insight.
Knowledge of VMware Horizon.
Cisco CCNP Enterprise Preferred
VMware Certified Design Expert - Network Virtualization 2023 Preferred