Cloud Network Engineer

Cloud Network Engineer

Posted 1 day ago by AgreeYa Solutions

Negotiable
Undetermined
Remote
Remote

Summary: The Cloud Network Engineer role at AgreeYa involves designing, implementing, and managing cloud networking solutions with a focus on DNS architecture across hybrid environments. The position requires hands-on experience with DNS in AWS and Azure, alongside strong networking fundamentals. The ideal candidate will support scalable and secure infrastructure while optimizing traffic management and connectivity. This remote position emphasizes automation and continuous improvement in cloud network operations.

Key Responsibilities:

  • Design and manage cloud networking components: AWS VPC / Azure VNet, subnets, route tables, gateways.
  • Implement hybrid connectivity: site-to-site VPN, client VPN, exposure to ExpressRoute / Direct Connect.
  • Configure and maintain route tables (static + dynamic) and basic BGP configurations.
  • Troubleshoot routing issues including connectivity failures and misconfigured routes.
  • Manage DNS zones, records, and configurations to ensure proper domain resolution.
  • Implement DNS security best practices, such as DNSSEC.
  • Migrate current Infrastructure code for DNS records to Terraform.
  • Utilize CI/CD methodology for changes and enable self-service DNS change management.
  • Monitor network/DNS health using cloud-native tools like Azure Monitor and AWS CloudWatch.
  • Investigate and resolve Level 2 network incidents and participate in on-call rotation.
  • Implement and maintain NSGs / Security Groups and Network ACLs.
  • Maintain network diagrams and configuration documentation, and develop runbooks.
  • Identify opportunities for performance improvement and cost optimization.

Key Skills:

  • Solid understanding of TCP/IP, DNS, routing fundamentals, subnetting, and CIDR.
  • In-depth knowledge of DNS, DNSSEC, and BIND.
  • Experience with cloud-based DNS services such as AWS Route 53 and Azure DNS.
  • Knowledge of Linux Bind servers and Windows DNS.
  • Hands-on experience with at least one cloud platform: AWS or Azure.
  • Familiarity with Infrastructure as Code (IaC) tools like Terraform and Ansible.
  • Strong troubleshooting and analytical thinking skills.
  • Ability to work independently on standard tasks.
  • Scripting/automation mindset.
  • Excellent communication and documentation skills.

Salary (Rate): undetermined

City: undetermined

Country: undetermined

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Job Title: Cloud Network Engineer

Job Location: Remote/Home Based

Description:

AgreeYa is a global Systems Integrator and is seeking an experienced Cloud Network Engineer with hands-on DNS expertise to design, implement, and operate cloud networking solutions across hybrid environments. This role combines core cloud networking (routing, connectivity, security) with a strong emphasis on enterprise DNS architecture, name resolution, and traffic management.

The ideal candidate brings practical experience managing DNS in AWS and Azure, alongside solid networking fundamentals, and can support scalable, highly available, and secure infrastructure.

Job Responsibilities

Cloud Network Engineering

  • Design and manage cloud networking components:
  • AWS VPC / Azure VNet
  • Subnets, route tables, gateways
  • Implement hybrid connectivity:
  • Site-to-site VPN
  • Client VPN
  • Exposure to ExpressRoute / Direct Connect

Routing & Connectivity Management

  • Configure and maintain:
  • Route tables (static + dynamic)
  • Basic BGP configurations (under guidance)
  • Support traffic flow optimization and routing decisions.
  • Troubleshoot routing issues:
  • Connectivity failures
  • Misconfigured routes
  • Latency or asymmetric routing

DNS Management and Configuration

  • Manage DNS zones, records, and configurations to ensure proper domain resolution and minimize downtime
  • Implement DNS security best practices, such as DNSSEC, to protect DNS infrastructure.

Automation & IaC

  • Migrate the current Infrastructure code for DNS records to Terraform
  • Utilizing CI/CD methodology, ensure changes are implemented via pipelines and can eaasily backout
  • Enable self-service DNS change management using IaC and CI/CD automation
  • Assist with automation of network provisioning and configuration.
  • Maintain version-controlled network configurations.

Operations & Monitoring

  • Monitor network/DNShealth using cloud-native tools:

Azure Monitor, AWS CloudWatch

  • Investigate and resolve Level 2 network incidents.
  • Participate in on-call rotation (if applicable).

Security & Network Segmentation

  • Implement and maintain:
  • NSGs / Security Groups
  • Network ACLs
  • Assist in enforcing segmentation and least-privilege access.
  • Support secure connectivity patterns (private endpoints, service endpoints).

Documentation & Continuous Improvement

  • Maintain network diagrams and configuration documentation.
  • Develop and maintain runbooks for Cloud Network-related operations and incident response.
  • Identify opportunities for:
  • Performance improvement
  • Cost optimization (e.g., NAT gateway usage, egress traffic)
  • Contribute to standardization of network design patterns.

Qualifications:

  • Solid understanding of: TCP/IP, DNS, routing fundamentals, Subnetting and CIDR
  • In-depth knowledge of DNS, DNSSEC, and BIND.
  • Experience with cloud-based DNS services such as AWS Route 53 and Azure DNS
  • Knowledge of Linux Bind servers and Windows DNS
  • Hands-on experience with at least one cloud platform: AWS or Azure
  • Familiarity with Infrastructure as Code (IaC) tools like Terraform, and Ansible.
  • Strong troubleshooting and analytical thinking
  • Ability to work independently on standard tasks
  • Scripting/automation mindset
  • Excellent communication and documentation skills.

Preferred Qualifications:

  • Experience with:
  • Hybrid cloud networking (on-prem to AWS/Azure)
  • VPN configurations and troubleshooting

Exposure to:

  • BGP routing concepts
  • Load balancing
  • AD-DNS, Route 53, Azure DNS
  • Linux, Bind and SVN

Certifications (or in progress):

  • AWS Solutions Architect Associate
  • AWS Certified Advanced Networking/ AZ-700
  • CCNP/CCNA

AgreeYa is a global systems integrator delivering competitive advantage for its customers through software, solutions, and services. Established in 1999, AgreeYa is headquartered in Folsom, California, with a global footprint and a team of more than 2,200 staff across offices. AgreeYa works with 500+ organizations ranging from Fortune 100 firms to small and large businesses across industries such as Telecom, Banking, Financial Services & Insurance, Healthcare, Utility & Energy, Technology, Public sector, Pharma & Biotech, and others. Please visit us at for more information.

AgreeYa is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, gender identity, sexual orientation, national origin, disability, veteran status or other protected characteristics. Visit our website to learn about our Career & Culture.