Job Description:
OneMain Financial is the country's largest lending-exclusive financial company, proudly serving millions of customers with safe, affordable, and transparent installment loans. Our customers turn to us every day - online and at over 1,400 branches in 44 states - to help them take control and improve their financial lives. It's all about doing the right thing - a mission that hasn't changed for more than 100 years.
Role Overview
This is a senior individual contributor role serving as the technical lead for enterprise network operations across cloud, hybrid cloud, on-premise, and application delivery infrastructure. This is not a traditional routing and switching role. The focus is on application delivery, reliability, redundancy, and optimization — making sure traffic gets where it needs to go, stays available, and performs well.
When a system fails and no one documented the original design, this is the person who reverse-engineers the communication path and restores service. The role requires an automation-first mindset, treats documentation as non-negotiable, and expects someone who can navigate ambiguity without waiting for a playbook.
This position typically operates as a team of one, but for larger initiatives you’ll coordinate with engineers borrowed from DevOps, Network Security, and other teams for periods ranging from weeks to months. You’ll need to delegate effectively, maintain quality oversight, and keep projects on schedule.
The split is roughly 85% proactive work (architecture, automation, roadmaps, standards) and 15% reactive incident response. When incidents happen, time-to-resolution is the metric that matters.
Core Responsibilities
Technical Leadership & Architecture
- Serve as the organization’s subject matter expert for network infrastructure across AWS, Azure, and on-premise environments.
- Own application delivery and reliability strategy with a focus on DNS, global traffic management (GSLB), and load balancing — this role is more about ensuring applications are reachable, redundant, and performant than configuring switch ports.
- Take abstract business requests and translate them into detailed technical roadmaps with clear milestones and deliverables.
- Evaluate network products and platforms to prevent overlapping tool purchases or redundant capabilities. Know your open-source alternatives — they frequently outperform commercial products in flexibility.
- Maintain working relationships with vendor sales engineers and stay current on product roadmaps, forecasts, and industry trends without treating analyst reports as gospel.
Automation & Engineering
- Develop and maintain automation using Python, Bash, Ansible, Terraform, and GitHub Actions following a GitOps model.
- Manage secrets and credentials across HashiCorp Vault, Azure KeyVault, and AWS Secrets Manager.
- Build and improve self-service tooling and workflows that reduce manual effort and improve operational consistency.
- Use emerging tools, including AI-assisted development, to accelerate complex task completion.
Troubleshooting & Incident Response
- Troubleshoot from Layer 7 backward through the full network stack, particularly in environments where the original design was undocumented. When a developer or engineer failed to document a service and it breaks, you will likely be the first person called to reverse-engineer the communication.
- Read and interpret packet captures (Wireshark) and browser HAR files to isolate issues at the application and transport layers.
- Work through problems when standard troubleshooting tools are unavailable due to security controls. We need someone who can find the next link in the chain using whatever tools are at hand, not someone whose toolkit stops at ping and traceroute.
- Approach troubleshooting methodically: observe symptoms, form a hypothesis, test one variable at a time, document findings, and iterate. No shotgun debugging.
- Serve as secondary on-call (24/7/365) when the primary on-call engineer is blocked or unable to resolve.
Cross-Functional Leadership & Communication
- Lead borrowed engineers (senior and junior) from adjacent teams on project-based work, maintaining quality standards and keeping deliverables on schedule.
- Mentor junior engineers and contribute to their professional growth by leading through example.
- Translate technical jargon into business benefits and outcomes for non-technical stakeholders.
- Maintain thorough documentation of designs, decisions, and operational procedures. Documentation is not optional.
Strategic Awareness
- Keep a pulse on where network technology is heading and make sure the organization is prepared for what’s coming.
- Independently explore and map the existing network to understand true design intent. No single document can fully encapsulate this environment — the expectation is that you can crawl the network and discover it yourself.
- Spend the time to understand the products available and their capabilities to prevent the purchase of overlapping tools or redundant products.
Additional Information
Mandatory Skills:
Minimum 8 years of experience supporting large enterprise multi-cloud hybrid network stacks.
Network & Infrastructure
- Deep understanding of DNS architecture, resolution, and troubleshooting — this is foundational to the role.
- BGP proficiency across diverse platforms including Azure VWAN, Arista, Aruba, AWS Transit Gateway, Virtual Network Gateways, VPNs, and Palo Alto.
- Solid grasp of dynamic routing protocols (OSPF, BGP, EIGRP) and route influencing techniques (local preference, MED, AS path prepend, route maps).
- Understanding of high availability designs including VRRP, HSRP, and active/passive and active/active failover architectures.
- Familiarity with ECMP and traffic distribution across multiple paths.
- Global traffic management, GSLB, and DNS-based load balancing.
- Deep understanding of TLS negotiations, cipher exchanges, and common failure points.
- HTTP response codes known by heart.
- Deep understanding of cloud networking best practices in both Azure and AWS.
- Familiarity with WAN circuit technologies: DWDM (WAVE), Type 2, Point-to-Point, and MPLS.
- Foundational understanding of SD-WAN concepts including underlay/overlay architecture.
- Basic understanding of Kubernetes networking across EKS, AKS, native K8s, and OCP.
- Proficiency with Wireshark for packet capture analysis.
- Ability to read and interpret browser HAR files.
Automation & Tooling
- Python scripting and automation development.
- Bash scripting and automation.
- Ansible for network configuration management and automation.
- GitOps workflows and GitHub Actions CI/CD pipelines.
- Terraform for infrastructure-as-code provisioning and management across cloud environments.
- Secrets management across HashiCorp Vault, Azure KeyVault, and/or AWS Secrets Manager.
- Proficient with the Linux command line and system processes.
Professional Skills
- Ability to operate as a self-directed team of one while effectively leading borrowed resources on larger initiatives.
- Experience with both ITSM and Agile project management methodologies.
- Demonstrated ability to take abstract or ambiguous requirements and develop detailed execution plans.
- Strong written and verbal communication skills with the ability to present technical topics to non-technical audiences.
- A thirst for learning new and ever-changing network topologies and products.
- Willingness to serve as secondary on-call 24/7/365.
Desired Skills:
Preferred Qualifications
- F5 BIG-IP or equivalent Application Delivery Controller (ADC) experience.
- NGINX or NGINX Plus experience.
- Zscaler or similar cloud security platform experience.
- Experience in financial services or other regulated industries; familiarity with audit and compliance frameworks.
- Comfort with emerging AI tooling for task acceleration and problem solving.