DDI Engineer

Seeking a DDI Architect / Engineer (DNS, DHCP, IPAM) for a long term contract in the Metro NYC area for our direct client.

Hybrid at least 1 day a week onsite

Job Summary:

We are seeking a DDI Architect / Engineer with deep expertise in BlueCat DNS, DHCP, and IPAM solutions. This role will be responsible for an enterprise-grade DDI (DNS, DHCP, and IP Address Management) environment while ensuring security, scalability, and high availability. The ideal candidate has strong experience in automating DNS/DHCP management, troubleshooting DDI issues, and integrating BlueCat solutions into hybrid cloud and on-prem environments.

Key Responsibilities:

BlueCat DNS, DHCP Architecture & Implementation:

• Design, deploy, and manage BlueCat Address Manager (BAM), BlueCat DNS/DHCP Server (BDDS), and BlueCat Edge in large-scale environments.
• Configure and maintain DNS zones, records, forwarding rules, and policies across multi-site architectures.
• Implement DHCP scopes, reservations, failover setups, and subnet allocation strategies.
• Manage IP Address Management (IPAM) functions, including subnetting, IPv4/IPv6 allocations, and network tracking.
• Ensure DNS/DHCP redundancy, scalability, and optimal performance across enterprise networks.

Security, Compliance & Optimization:

• Implement DNS security features such as DNSSEC, DNS Firewall, RPZ (Response Policy Zones), and BlueCat Edge threat protection.
• Secure DNS against DDoS attacks, cache poisoning, and DNS tunneling threats.
• Enforce industry best practices (NIST, ISO, ITIL) and compliance policies for DNS and DHCP.
• Monitor and optimize DNS and DHCP performance to ensure high availability and low-latency name resolution.

Automation, Cloud & Integration:

• Automate DNS and IPAM workflows using BlueCat APIs, Python, Ansible, PowerShell, or Terraform.
• Integrate BlueCat DDI solutions with AWS, Azure, Google Cloud, VMware NSX, and hybrid multi-cloud environments.
• Work with DevOps and Infrastructure teams to streamline network automation and service deployments.

Troubleshooting & Support:

• Act as the subject matter expert (SME) for DNS, DHCP, and IPAM-related issues in the organization.
• Troubleshoot and resolve DNS resolution failures, DHCP lease issues, and IP conflicts efficiently.
• Provide tier-3 escalation support and coordinate with BlueCat support teams for complex DDI-related incidents.
• Maintain detailed documentation, playbooks, and network diagrams for operational efficiency.

Required Qualifications & Experience:

Technical Expertise:

• 5 years of experience in DNS, DHCP, and IPAM (DDI) solutions in enterprise environments.
• Strong experience with BlueCat Integrity or Edge, BlueCat Address Manager (BAM), and BDDS.
• In-depth knowledge of DNS protocols (Bind, RFC 1034/1035), DHCP configurations, and IPv4/IPv6 subnetting.
• Proficiency in scripting and automation using Python, Ansible, REST APIs, PowerShell, or Terraform.
• Experience working with hybrid cloud architectures, AWS, Azure, and on-prem DDI deployments.
• Strong understanding of DNS security practices (DNSSEC, RPZ, DNS Firewall, DoH/DoT, and BlueCat Edge Security features).

Preferred Qualifications (Nice to Have):

BlueCat Certified Professional (BCCA, BCCP, BCP)

Infoblox Core DDI Certification (NIO-301, NIO-302)

Cisco Certified Network Professional (CCNP) or CCIE (Enterprise, Security)

Cloud networking certifications (AWS, Azure, or Google Cloud DNS/IPAM-related)