Job Description

Roles & Responsibilities

We are looking for an experienced Ansible L2 Automation Engineer to design, develop, integrate, and support enterprise automation use cases across a large banking IT environment. The resource will automate day-to-day operations, provisioning, patching, health checks, compliance checks, and remediation workflows across infrastructure, cloud, network, security, database, middleware, AIX, VMware, Nutanix, OCI, and mainframe-related environments.

Key Responsibilities

• Design and maintain a modular, role-based Ansible project structure (collections, roles, playbooks) aligned to banking ITSM standards (ITIL v4).
• Build and enforce Ansible best practices: idempotency, error handling, vault secrets management, and tag-based execution strategies.
• Develop reusable Ansible Collections for internal consumption and publish to a private Automation Hub / Galaxy.
• Integrate Ansible with AWX / Ansible Automation Platform (AAP) 2.x for workflow orchestration, RBAC, and audit trail.
• Architect end-to-end CI/CD pipelines for playbook testing (Molecule, ansible-lint, YAML lint) via GitLab CI / Jenkins.
• Automate VM lifecycle: provisioning, cloning, snapshot management, decommissioning via community. VMware collection.
• Integrate with vRealize Orchestrator and NSX-T for network-aware VM provisioning.
• Health checks: datastore capacity, VM sprawl detection, HA/DRS cluster status, vCenter certificate expiry.
• Automate cluster provisioning, VM creation, disk/network attachment via nutanix. ncp collection
• Automate OCI resource provisioning: Compute instances, VCNs, subnets, Block Volumes, OCI Vault secrets via oracle. oci collection.
• Implement cost governance: tag enforcement playbooks, idle resource detection, and scheduled shutdown/startup.
• Automate AIX system provisioning via NIM (Network Installation Manager) integrated with Ansible.
• Manage LPAR lifecycle, VIOS virtual adapter configuration, and WPARs using ibm. power aix collection.
• Automate configuration management for multi-vendor network devices (Cisco IOS/NX-OS, Juniper JunOS, Arista EOS, F5 BIG-IP) using platform-specific Ansible collections.
• Implement network compliance playbooks: enforce baseline configs, detect drift, and remediate via NAPALM / netconf / RESTCONF.
• Design and operate bank-wide OS patching automation for Linux (RHEL, SLES, Ubuntu), Windows Server, AIX, and OCI instances.
• Integrate patching workflows with ServiceNow: auto-open CRQs, update CMDB, close with compliance evidence.
• Develop and schedule comprehensive health-check playbooks for all platforms (daily/weekly/on-demand).
• Build capacity reporting automation: CPU/memory/storage trending, forecast alerts.

TECHNICAL SKILLS & PLATFORM

Ansible Core

AAP 2.x / AWX, Ansible Navigator, Ansible Lint, Molecule, RBAC, Execution Environments, Collections, Vault

VMware

vSphere 7/8, vCenter, ESXi, NSX-T, vSAN, vROps, SDDC Manager, community. VMware

CI/CD & DevOps

GitLab CI, Jenkins, Git, Jinja2, YAML, Python 3.x, Bash, REST API, JSON/YAML parsing

ITSM & Monitoring

ServiceNow (CMDB, CRQ, Incident), Splunk, ELK Stack, Grafana, Prometheus, Dynatrace

Security & Compliance

CIS Benchmarks, STIG, PCI-DSS, SWIFT CSP, HashiCorp Vault, CyberArk AAM, Qualys/Tenable API

CERTIFICATIONS REQUIRED & RECOMMENDED

• Red Hat Certified Specialist in Advanced Automation (EX374)
• Red Hat Certified Engineer (RHCE EX294 Ansible)
• Ansible Automation Platform (AAP) Implementation
• Red Hat Certified Architect (RHCA)