We are seeking a skilled Kubernetes Network Engineer to join our team, responsible for designing, implementing, and maintaining network solutions within Kubernetes environments. The ideal candidate will have a deep understanding of container orchestration, VLAN engineering, networking protocols, cloud infrastructure, and be experienced in optimizing the performance and security of distributed systems. This role involves collaborating closely with development, operations, and security teams to ensure scalable, reliable, and secure Kubernetes-based services, with a special focus on VLAN stacking technologies like Open vSwitch (OVS) and their integration in Modeling and Simulation environments.

 

Key Responsibilities:

Kubernetes Networking:

  • Design, implement, and maintain Kubernetes cluster networking solutions (CNI) for high availability and performance.
  • Configure network policies, service mesh, and ingress controllers for Kubernetes clusters.
  • Optimize networking for containerized workloads, ensuring minimal latency and maximum throughput.
  • Develop and implement VLAN-based network segmentation strategies within Kubernetes clusters, focusing on VLAN stacking (Q-in-Q) to enhance multi-tenant isolation.
  • Utilize Open vSwitch (OVS) for advanced VLAN stacking configurations, ensuring effective traffic management and network isolation.

VLAN Engineering & Stacking:

  • Design and configure VLAN stacking (Q-in-Q) solutions using Open vSwitch for complex network environments, enhancing isolation and security.
  • Collaborate with infrastructure teams to integrate VLAN stacking into hybrid cloud and on-premise environments, enabling seamless connectivity and isolated network segments.
  • Optimize network performance for workloads that require advanced VLAN configurations, ensuring proper handling of encapsulated traffic.

Modeling and Simulation Environments:

  • Apply VLAN stacking techniques to create isolated network segments for modeling and simulation scenarios, ensuring accurate replication of real-world network conditions.
  • Work closely with simulation teams to design network topologies that leverage VLAN technologies for emulating diverse networking environments within Kubernetes.
  • Develop solutions for securely integrating simulated network environments with Kubernetes clusters, allowing for the testing and validation of multi-tenant configurations.

Infrastructure Automation:

  • Automate network infrastructure deployment and management using Infrastructure-as-Code (IaC) tools such as Terraform, Ansible, or Helm.
  • Integrate Kubernetes networking with CI/CD pipelines to enable seamless updates and deployments.
  • Automate VLAN provisioning and management processes, including dynamic adjustments of VLAN tags and configurations for modeling and simulation needs.

Cloud and On-Premise Networking:

  • Configure and maintain networking for multi-cloud Kubernetes deployments (AWS, GCP, Azure) or on-premise environments.
  • Implement VPC peering, VPN connections, and secure inter-cluster communications across hybrid cloud networks.
  • Utilize VLAN stacking for efficient multi-tenant management in hybrid cloud environments, ensuring consistent network policies and segmentation.

Security and Compliance:

  • Implement network security policies using Network Policies, Service Mesh, or Istio.
  • Ensure network security best practices such as encryption, TLS termination, and firewall configuration within Kubernetes.
  • Apply VLAN stacking strategies to enhance traffic isolation, improving security for sensitive workloads in Kubernetes clusters.
  • Perform regular security audits and support incident response for network security issues.

Troubleshooting & Monitoring:

  • Diagnose and resolve network-related issues within Kubernetes clusters.
  • Monitor network performance using tools like Prometheus, Grafana, or ELK Stack.
  • Monitor VLAN performance and ensure proper encapsulation and routing within stacked VLAN environments.
  • Collaborate with DevOps teams to improve reliability and scalability of the network infrastructure.

Collaboration & Documentation:

  • Work closely with developers and infrastructure teams to ensure seamless integration of network features.
  • Provide clear technical documentation and training for network configurations and best practices.
  • Develop documentation and training materials related to VLAN stacking and its application in modeling and simulation environments.

 

Education:

  • Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent experience).

Experience:

  • 3+ years of experience in network engineering, preferably with container orchestration platforms like Kubernetes.
  • Experience with Cloud Networking in AWS, Azure, or GCP.
  • Hands-on experience with networking protocols (TCP/IP, DNS, HTTP/S, etc.).
  • Experience in VLAN engineering and VLAN stacking (Q-in-Q) configurations using tools like Open vSwitch (OVS).

Technical Skills:

  • Strong knowledge of Kubernetes and its networking components (CNI, Service Mesh, etc.).
  • Familiarity with network automation tools (Ansible, Terraform, etc.).
  • Experience with cloud-native networking tools such as Calico, Flannel, or Cilium.
  • Proficiency in configuring and managing Open vSwitch (OVS) for VLAN stacking and advanced networking scenarios.
  • Understanding of VPNs, Load Balancers, VPCs, and hybrid cloud networking.
  • Proficiency with network monitoring tools like Prometheus, Grafana, or Kibana.

Soft Skills:

  • Excellent problem-solving and troubleshooting skills.
  • Strong communication skills and ability to work in a collaborative environment.
  • Self-motivated and able to manage multiple priorities in a fast-paced environment.

Preferred Qualifications:

  • Kubernetes certification (CKA or CKS).
  • Familiarity with Service Mesh technologies such as Istio or Linkerd.
  • Experience in applying VLAN technologies to Modeling and Simulation environments.
  • Experience with DevOps tools like Jenkins, GitLab CI/CD, or GitOps practices.
  • Knowledge of microservices architecture and distributed systems.

Other:

Must be able to obtain a SECRET Clearance

Must be a U.S. Citizen

 

Location:

85% Remote

15% Travel to Customer Sites

 

mmbsolutions