Location : ,
NSX-T Systems Engineer
On Site role in Brooklyn, NY (Need local)
12- Month Contract
Job Description
Justification:
OTI provides for sustained, efficient and effective delivery of IT services, infrastructure, and telecommunications to
enhance service delivery to New York City agencies, employees, City partners and constituents. As the City's
technology leader, OTI is responsible for maintaining the foundational IT infrastructure and systems that touch every
aspect of City governments digital life. From public safety to human services, from education to economic development
crossing the full spectrum of governmental operations.
A successful candidate will be responsible for reviewing and creating NSX-T firewall rules as well as managing overlay
segments and gateway firewalls. The VMWare NSX-T technology being deployed for the FIM Project is new and
currently there are no team members that have the individual skill set to manage this new converged technology,
which consist of knowledge from Sever, Networking and Security disciplines upon completion.
SCOPE OF SERVICES
TASKS:
- Providing implementation services for for the VMware VCF Software suite of tools (SDDC, vSphere, vSAN, NSX-T, Aria)
- Configur T L4/L7 Distributed Firewall rules and IDS/IPS functionality
- Configure NSX-T Advanced Local and Global Loadbalancer
- Implement Software updates and security patches to the VCF environment..
- Administer and support the following technologies;
• VMware NSX-T Datacenter 3.1.3/3.2.x
MANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will
not be considered
The following skill set is required:
• Minimum 8 years of hands on experience in software design network technologies;
• Ability to work independently.
• BGP peering between NSX-T and Cisco ACI.
•NSX-T Distributed and Gateway Firewalls T1/SR with App ID based Layer7 Firewall rules.
• Avi Global(DNS) and Local load balancing, with detailed understanding of various
loadbalanced methods and layer7 monitoring of pools for SNAT VIPs.
• Understanding of VxLAN/Geneve based Federated stretch NSX-T segments.
• Must have the ability to understand VMware ESXi vSphere/vCenter 7.x/8.x NSX-T VDS T1/T0
Segments.
• Understanding of VCF Cloud foundation, supporting an on-premises cloud solution with NSX[1]T extensions into AWS and Azure.
• The engineer will be required to implement Workspace One/Horizon VDI solution integrated
Azure AD and NSX-T identity-based Firewalling.
• Strong understanding of IP/IPv6 based networks, subnetting, and advanced routing protocols
is required.
• Understanding of configuring, and administering VMWare IT server, networking and SAN
storage solutions.
• Understanding of hyper converged infrastructure and vSAN technology.
• Understanding of Automation: Python, Terraform and Ansible pipelines.
• Proficient in Microsoft Visio
Detailed understanding of the following protocols and compliance:
• BGP
• NSX-T Geneve
• DNS
• Certificate Authority Service
• Azure AD Services and IDP solutions
• Microsoft Active Directory
• Ipv4 and IPv6 protocols
• Security Frameworks: NIST800-53 R4, PCI DSS 3.2.1, IRS Pub1075
Certification Requirements:
• VMware Certified Advanced Professional - Network Virtualization Design 2023 – Required
SKILLS/EXPERIENCE:
Knowledge of Aria suite of products including vROPs, vCenters, VRA, and Log Insight.
Knowledge of VMware Horizon.
• Cisco CCNP Enterprise – Preferred
• VMware Certified Design Expert - Network Virtualization 2023 – Preferred