DDOT - Field Network Engineer ITS Infras.
Job DescriptionJob DescriptionShort Description:
DDOT is seeking a hands-on Field Network Engineer to serve as a senior technical resource within the Intelligent Transportation Systems (ITS) program.
Complete Description:
The District Department of Transportation (DDOT) is seeking a hands-on Field Network Engineer to serve as a senior technical resource within the Intelligent Transportation Systems (ITS) program. This role is responsible for the design, deployment, and day-to-day operations of a secure, highly available ITS network connecting traffic signals, video surveillance systems, and IoT devices across the District of Columbia.
The network environment leverages Metro Ethernet services as the transport underlay and a Cisco DMVPN secure overlay to link distributed field sites back to DDOTs headend facilities and data centers. The engineer will work in both field and datacenter environments, with a focus on uptime, safety, and reliability in mission-critical operations.
Key Responsibilities
DMVPN & Secure Overlay Networking
Deploy and support Cisco DMVPN (Phase 2/Phase 3) hub-and-spoke and spoke-to-spoke overlay networks across Metro Ethernet transport.
Configure and troubleshoot IPsec VPN profiles, GRE tunnels, NHRP mappings, and tunnel interfaces for the DMVPN fabric.
Implement dynamic routing protocols (BGP, OSPF, EIGRP) over DMVPN tunnels to support automated failover and optimal path selection.
Design failover and redundancy strategies, including LTE/5G backup paths, to ensure uninterrupted connectivity during circuit or equipment outages.
Monitor tunnel health, latency, and throughput to maintain performance standards across all VPN connections.
Metro Ethernet & WAN Transport
Coordinate with service providers on Metro Ethernet circuit provisioning (E-Line, E-LAN), turn-up, and incident resolution.
Manage dual-WAN redundancy models and carrier handoff configurations at each site.
Perform field installations and cutovers of routers, switches, cabinets, and handoff equipment.
Network Engineering & Operations
Manage VLAN configurations, IP addressing schemes, and Layer 2/Layer 3 connectivity between remote aggregation points and headend data centers.
Implement and maintain network segmentation using VRFs, VLANs, and firewall policies to isolate ITS traffic domains.
Apply and tune QoS policies to prioritize latency-sensitive traffic such as signal control and video.
Troubleshoot network issues end-to-end from field site through WAN transport to data center.
Maintain accurate network documentation including diagrams, IP assignments, equipment inventories, and configuration records.
ITS Infrastructure Support
Support Dots traffic signal control systems, CCTV/video surveillance platforms, and IoT field devices by ensuring reliable, low-latency transport connectivity.
Coordinate field cabinet upgrades to accommodate new network equipment, including power and environmental requirements.
Manage the migration of remote aggregation points from legacy infrastructure to modern DMVPN-based transport.
Monitor network performance, availability, and service-level compliance across all ITS transport links.
Security & Compliance
Ensure all network connections utilize encrypted communications per DDOT and District government security policies.
Manage VPN certificate lifecycles, key rotation, and trust domain configurations.
Implement IoT security and segmentation best practices for field-deployed devices.
Support security audits, vulnerability assessments, and remediation efforts on ITS network infrastructure.
Work Environment
- Combination of field work (street-level cabinets, utility corridors), data center operations, and remote support.
- Travel to field locations across the District required; valid drivers license required.
- Ability to lift and rack network equipment up to 50 lbs.
- Participation in scheduled maintenance windows and on-call availability for after-hours emergency response.
Candidate Skills Matrix:
Following sections are to be filled by the candidate:
Skills | Required/Desired | No. of Years | How many years of experience candidate has?
Bachelors degree in Computer Science, Information Technology, Network Engineering, or a related field (or equivalent professional experience). | Required | 15 |
Conveying technical and functional concepts for a specific technical specialty | Required | 11 |
Preparing complex technical documentation | Required | 11 |
Experience with Intelligent Transportation Systems (ITS) including traffic signal controllers, CCTV/video surveillance transport, and traffic manageme | Required | 11 |
Experience with LTE/5G failover solutions | Required | 7 |
Network automation skills using Ansible or Python-based scripting. | Required | 11 |
Knowledge of IoT security and segmentation best practices. | Required | 5 |
Knowledge of high-availability network design, redundant architectures, and disaster recovery planning. | Required | 8 |
Fiber optic network experience including single-mode fiber design, SFP/SFP+ transceivers | Required | 11 |
Prior experience working with a state or municipal Department of Transportation. | Required | 10 |
Active CCNA Certification | Required | |
CCIE Enterprise Infrastructure, Certified Fiber Optic Technician (CFOT) or equivalent, CompTIA Network+ or Security+ ITIL v4 Foundation | Highly desired | |
Background check:
- Extensive criminal history background check will be required. We cannot submit candidates with recent histories (go back seven years) of extensive driving, drug, robbery or any other illegal activity. Any criminal activity on the background check will eliminate the candidate from consideration. If selected, please make certain that you inform all candidates that they will have to complete this criminal background check prior to starting. background checks are required; Federal background checks are NOT compliant under this contract. A background check is a criminal background check that pulls criminal records from State and County Courts in almost every US State.