Lead Network Engineer Department: Information Tchnology

Reports to: Director - Network Technology

Location: In Office

, Orange CT

The base salary range for this position is dependent upon experience and location, ranging from: $125,766 - $157,208

Job Summary We are seeking a highly skilled Lead Network Engineer to design, implement, manage, and optimize our large-scale, complex network infrastructure spanning 350+ locations. This role involves managing MPLS, Dedicated Internet Access (DIA), point-to-point circuits (P2P), Cloud Connects, AWS Direct Connect, and Azure ExpressRoute, along with implementing IPSec VPN, advanced routing (BGP, EIGRP), security policies (NAT, ACLs, route maps), and network automation.

The ideal candidate will also be responsible for proactive network monitoring, performance analysis, and security visibility using tools like SNMP-based monitoring, ExtraHop, and other network analytics platforms to ensure optimal uptime, security, and efficiency.

Key Responsibilities

- Architects, deploys, and optimizes a scalable, highly available, and secure enterprise network across 350+ locations.

- Designs and maintains MPLS, DIA, P2P circuits, AWS Direct Connect, and Azure ExpressRoute to ensure high-performance connectivity.

- Engineers and supports IPSec VPN tunnels for secure remote access and inter-site connectivity.

- Implements advanced routing policies using BGP, EIGRP, OSPF, static routes, prefix lists, ACLs, and route maps.

- Designs and maintains enterprise wireless solutions including Cisco WLCs and Access Points.

- Administers and maintains Cisco routers (ISR, ASR) and switches (Catalyst, Nexus).

- Manages Infoblox DDI (DNS, DHCP, IPAM) for resilient name resolution.

- Configures and maintains Cisco ISE for network access control and authentication policies.

- Oversees network performance monitoring, SNMP-based alerting, and traffic analysis.

- Utilizes ExtraHop and other deep packet inspection (DPI) tools for real-time traffic visibility and network security monitoring.

- Troubleshoots network issues, latency, packet loss, and performance bottlenecks across WAN, LAN, and cloud interconnects.

- Enforces AAA, TACACS+, RADIUS, and 802.1X authentication policies.

- Develops and enforces firewall policies, NAT configurations, and access control lists (ACLs).

- Ensures compliance with ISO 27001, NIST, PCI-DSS, and other industry security frameworks.

- Works with Security Operations (SOC) teams to mitigate threats, monitor anomalies, and secure network boundaries.

- Deploys and maintains SNMP-based monitoring solutions (SolarWinds, PRTG, Thousand Eyes, Cisco DNA Center, etc.).

- Implements ExtraHop for deep packet analysis, application monitoring, and network anomaly detection.

- Automates network tasks using Python, Ansible, Terraform, or equivalent.

- Optimizes QoS policies, WAN acceleration, and traffic engineering techniques to enhance application performance.

- Performs capacity planning and proactive performance analysis to optimize network usage and prevent congestion.

- Designs, deploys, and manages hybrid cloud network architectures in AWS and Azure.

- Implements AWS Direct Connect and Azure ExpressRoute for high-speed cloud connectivity.

- Optimizes cloud Networks, VPN peering, and virtual network gateways.

- Maintains up-to-date network documentation, topology diagrams, and runbooks.

- Collaborates with IT, Security, and Infrastructure teams to align network initiatives with business objectives.

- Provides technical mentorship to junior network engineers and cross-functional teams.

Required Qualifications

- Bachelor’s degree in Computer Science, Network Engineering, or relevant field and a minimum of 7 years of hands-on experience with network engineering, architecture, and/or operations. An equivalent combination of education and experience may be considered.

- Strong expertise in MPLS, DIA, P2P circuits, AWS Direct Connect, and Azure ExpressRoute.

- Deep knowledge of routing protocols (BGP, EIGRP, OSPF), IPSec VPN, NAT, ACLs, route maps.

- Solid experience with Cisco routers (ISR, ASR) and switches (Catalyst, Nexus).

- Proficiency in network monitoring and SNMP-based solutions (SolarWinds, PRTG, ThousandEyes, Cisco DNA Center, etc.).

- Hands-on experience with ExtraHop for deep packet inspection and traffic analytics.

- Experience with Infoblox (DNS, DHCP, IPAM) and Cisco ISE (802.1X, NAC, authentication).

- Solid knowledge of wireless networking (Cisco WLCs, Access Points, RF design, and security policies).

- Scripting and network automation experience (Python, Ansible, Terraform, or equivalent tools).

- Ability to analyze packet captures, NetFlow, SNMP logs, and real-time network telemetry.

Preferred Certifications

- Cisco CCNP / CCIE (Enterprise, Security, or Service Provider)

- AWS Advanced Networking Specialty

- Microsoft Certified: Azure Network Engineer Associate

- ExtraHop Certified Professional (ECP)

- Infoblox Core DDI Certificatio

Company

CONNECTICUT NATURAL GAS CORPORATION

Mobility Information

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country.

At Avangrid we provide fair and equal employment and advancement opportunities for all employees and candidates regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status, disability, protected veteran status or any other status protected by federal, state, or local law.

If you are an individual with a disability or a disabled veteran who is unable to use our online tool to search for or to apply for jobs, you may request a reasonable accommodation by contacting our People and Organization department at careers@avangrid.com.

Avangrid employees may be assigned a system emergency role and in the event of a system emergency, may be required to work outside of their regular schedule/job duties. This is applicable to employees that will work in Connecticut, Maine, Massachusetts, and New York within Avangrid Network and Corporate functions. This does not include those that will work for Avangrid Power.

Job Posting End Date

October-10-2025