Network Architect and Specialist onsite

Agile Robots SE is seeking a Network Architect / Network Specialist to define and operate our global on-premise network across multiple geographies and regional offices. You will lead the design and lifecycle of our campus, branch, and data-center networks-including high-performance NVIDIA InfiniBand fabrics that power AI/HPC workloads-while ensuring our controls meet TISAX expectations and internal ISMS requirements, 1) Global Architecture & Standards (On-Site Only)

• Design and document end-to-end on-prem architectures (core/distribution/access/WLAN; DC leaf-spine)
• Establish and maintain global standards: IP addressing & IPAM (NetBox), routing policy, QoS, naming, security baselines, and change control (HLD/LLD, MOP/SOP, rollback)
• Define network zoning & segmentation (VLAN/VRF; optional EVPN/VXLAN where justified) across Office and DMZ networks with clear trust boundaries

2. Routing, Switching, WLAN & Regional Sites

• Engineer BGP/OSPF for WAN & DC; deliver redundancy/failover across carriers and sites
• Own Aruba campus/branch switching and WLAN (coverage, capacity planning, RF hygiene, roaming, WPA2/3-Enterprise)
• Plan and execute site builds/moves/expansions (circuits, last-mile, demarc, handoffs, cutovers) with measurable downtime windows

3. Security, Remote Access & Identity

• Lead FortiGate policy architecture (zones, NAT, segmentation, IDS/IPS) and FortiGate VPN (IPsec/SSL) for site-to-site and remote access, including HA and posture checks
• Implement 802.1X NAC (e.g., Aruba ClearPass) with RADIUS/Active Directory integration; enforce device posture and guest segmentation
• Operate DMZ patterns (reverse proxying, jump hosts, constrained admin planes) and align with TISAX/ISMS requirements

4. High-Performance Networking for AI/HPC

• Design, deploy, and maintain NVIDIA InfiniBand fabrics (topology, cabling/optics, partitioning), including subnet managers (UFM/opensm), congestion control, and path optimization
• Coordinate with compute/storage teams (e.g., DGX/HPC clusters) on throughput, latency, and scale; plan upgrades and fabric expansions

5. Reliability, Observability & Automation

• Deliver high availability (fast convergence, dual-homing, link aggregation/MLAG/VLT) and tested DR/failover
• Implement proactive monitoring/alerting (e.g., Zabbix), telemetry/SNMP, and capacity trends; maintain RCAs and SLOs
• Centralize logging with rsyslog and FortiAnalyzer; enforce retention and integrity for audits
• Use NetBox, Ansible/Python, and Git-based workflows for configuration management, drift control, and repeatable changes

6. Compliance, Risk & Vendor Management (TISAX Focus)

• Map network controls to TISAX expectations (ISMS governance, secure remote access, logging, supplier access, data protection)
• Partner with ISMS owner/CISO on risk assessments, controls testing, and evidence preparation for audits (policies, diagrams, logs, change records)
• Manage carriers and vendors (Fortinet, Aruba, Dell; integrators); lead RFPs, SLAs, and lifecycle planning
• Mentor regional IT; act as L3 escalation for incidents and major changes

Core Technologies @ Agile Robots SE

• Security & Remote Access: FortiGate NGFW, FortiGate VPN (IPsec/SSL), FortiManager/FortiAnalyzer
• Campus/Branch & WLAN: Aruba CX/AOS switching, controllers/APs, ClearPass (802.1X), AirWave (on-prem mgmt)
• Data Center & Fabric: Dell PowerSwitch (OS10), VLT/MLAG; NVIDIA InfiniBand (UFM/opensm).
• Foundational Services: VLAN/VRF, BGP/OSPF, QoS; DHCP/DNS, Active Directory, RADIUS; NetBox(IPAM/DCIM)
• Observability & Automation: Zabbix, rsyslog (retention policy), NetFlow/sFlow; Ansible/Python, Git

Do you have experience in VPN?, * 7+ years in enterprise on-prem networking across multi-site/multi-region environments

• Deep hands-on with FortiGate, Aruba (switching/WLAN), Dell data-center switching, and NVIDIA InfiniBand basics
• Strong routing/switching (BGP, OSPF, VLAN, VRF), segmentation, and DMZ design; HA and fast convergence patterns
• Proven delivery of secure remote access, 802.1X NAC, and logging/monitoring at scale (rsyslog, analyzers, NMS) Experience aligning network controls to ISMS/TISAX (policy design
• evidence)
• Excellent documentation (HLD/LLD, diagrams) and stakeholder communication, * Certifications: Fortinet NSE (4/5/7+), Aruba (ACMA/ACMP/ACSP/ACDX), CCNP/CCIE, Dell networking, and/or NVIDIA networking
• ClearPass NAC depth, FortiManager/FortiAnalyzer, Aruba AirWave; EVPN/VXLAN familiarity
• Exposure to RADIUS/AD integration and FreeRADIUS stack
• Familiarity with Zabbix tuning, syslog retention strategies, and ITSM/change tooling
• Experience segmenting AI/HPC clusters and integrating with storage/compute pipelines

* A dynamic high-tech company combined with financial soundness and world-class investors. * Join an interdisciplinary, international team with 60+ different nationalities in a collaborative work environment. * Lots of development opportunities in the context of our continued growth. * Challenging tasks and impactful projects alongside experts that enable professional and personal growth. * Corporate Benefits Program that covers health, mobility, and learning with 100€ net per month. * Modern office facilities with a rooftop terrace overlooking Munich, free drinks & fruits, and regular company events contribute to a good working environment.