Senior Network Automation Engineer (Linux, API, DNS DoH/DoT)

Location:Remote (Europe)

Preferred Regions:Poland, Portugal, Romania, Spain (low-cost EU regions)

Open Positions:1

Role Overview

We are seeking a Senior/Lead Network Automation Engineerto design and operate a modern, API-driven infrastructure. This role focuses on automation-first networking, DNS policy as code, and secure DNS implementations (DoH/DoT).

You will play a critical role in building scalable automation frameworks, managing Linux-based network environments, and ensuring high reliability and observability across DNS and network services.

Key Responsibilities

Automation & Infrastructure as Code

1. Develop and maintain Ansible roles/collectionsfor network and DNS automation

2. Implement API-first integrations (REST/JSON)with Cisco and DNS platforms

3. Ensure code quality via Molecule testing, linting, and CI pipelines

Policy Engineering

1. Translate business requirements into:

2. ipsets & ACLs

3. DNS policies (RPZ, split-horizon)

4. Cisco SSE policies via APIs

5. Enforce policy-as-code principles

Linux Network Orchestration

1. Manage Linux-based network systems (iptables, routing, configs)

2. Implement baseline configurations, drift detection, and compliance checks

DNS DoH/DoT Ownership

1. Design and manage DNS over HTTPS (DoH)and DNS over TLS (DoT)

2. Handle PKI, certificate lifecycle, and trust chains

3. Define fallback strategies (UDP/TCP 53) and egress policies

4. Ensure compatibility with proxy/PAC environments

5. Execute canary releases and staged deployments

CI/CD & GitOps

1. Build and maintain pipelines using GitHub/GitLab CI + AWX/Tower

2. Implement progressive delivery, approvals, and rollback strategies

Observability & Reliability

1. Monitor systems using metrics, logs, and synthetic tests

2. Define and manage SLOs, SLIs, and error budgets

3. Lead incident response and post-mortem analysis

Vendor & API Integration

1. Act as the technical lead for Cisco APIs(Umbrella, Secure Access SSE)

2. Integrate third-party networking and DNS services

Required Experience

1. 5+ yearsin Linux systems engineering (network-focused)

2. iptables, ipsets, routing, TCP/IP fundamentals

3. 3+ years of Ansible at scaleRoles, Jinja2, dynamic inventory, Vault

4. Molecule testing, linting tools, AWX/Tower workflows

5. Strong experience with API-driven automation (Python + Ansible)

6. Hands-on experience with GitOps & CI/CD pipelines

7. Deep knowledge of DNS architecture, including:

8. Split-horizon DNS, RPZ

9. DoH/DoT (client & resolver level)

10. PKI, fallback strategies, telemetry

Nice to Have

1. Cisco ecosystem: Umbrella, Secure Access SSE, Meraki, FTD, ISE, SD-WAN

2. Cloud networking: AWS Route53, Azure DNS, GCP DNS

3. Terraform (network/DNS automation)

4. Docker / Kubernetes

5. Observability tools: Prometheus, Grafana, ELK, Splunk

6. Network telemetry: SNMP, NetFlow/IPFIX

Working Style

1. Strong focus on Infrastructure as Code & GitOps

2. Emphasis on automation, testing, and auditability

3. Use of progressive delivery (canary + staged rollouts)for critical systems

Tools & Technologies

1. Ansible, AWX/Tower, Molecule, Jinja2

2. GitHub/GitLab CI

3. Python (requests, pydantic, click), Bash

4. Cisco APIs (Umbrella, SSE)

5. Linux networking (iptables/ipsets)

6. Monitoring: Prometheus/Grafana / ELK / Splunk

Application Requirements

1. Share links to relevant automation projects or repositories

2. Include a brief description of a DoH/DoT implementationyou have designed or managed