Network Automation Engineer

Drew Mallett
Automating Networks at Scale

I design and build production network automation platforms — from device discovery engines and graph databases to event-driven pipelines and self-service web UIs.

See what I've built
31k+
ServiceNow Attributes Updated Daily
3k+
CI Lifecycles Automated via ServiceNow
2k+
Devices Audited Daily for Compliance
15+
Platform Integrations

What I Built

A full-stack network automation platform

End-to-end, production-grade — from the SSH session on the wire to the graph database to the web UI, every layer designed and implemented from scratch.

🔍
Polymorphic Device Discovery Engine
A runtime class-mutation framework that discovers 20+ data types — interfaces, LLDP/CDP neighbors, BGP sessions, MAC/ARP tables, VLANs, routing tables, firewall rule sets — across Cisco (NX-OS, IOS, IOS-XR, IOS-XE), Arista (EOS, CVaaS), Palo Alto, Fortinet, and A10. Each device auto-selects its vendor-specific subclass on connect.
Cisco NX-OS Arista EOS Palo Alto Fortinet SSH / eAPI / REST
🕸️
Graph Database Layer
A Pythonic ArangoDB abstraction providing dict-style access to graph collections, bulk upsert with automatic timestamping, TTL indexes, AQL query helpers, and transparent cluster leader discovery. The network topology is stored as a graph — devices are vertices, adjacencies are edges — enabling path-finding and impact-analysis queries.
ArangoDB AQL Graph Traversal Bulk Upsert
Event-Driven Pipeline (Kafka)
A multi-daemon Kafka consumer framework with per-partition ordering, threaded processing, automatic commit retry, and graceful SIGTERM/SIGHUP handling. Named consumer daemons subscribe to topics and dispatch to device discovery methods — decoupling triggers from execution at enterprise scale.
Apache Kafka Consumer Groups PKCE Ordering Redis / RQ
📊
Intent Model & Temporal Tracking
An intent-based configuration translator that models desired state as structured Python objects and diffs it against discovered state. A temporal graph tracks every configuration change over time, enabling "what changed and when" queries across the entire fleet without relying on external CMDB timestamps.
Intent Model Temporal Graph Config Diff Git Archive
🔗
Multi-System Integrations
Production integrations across the full enterprise toolchain: ServiceNow (CMDB, Incidents, Change Requests), Infoblox IPAM, Cisco ISE (ERS API), Mist wireless, Palo Alto Panorama, Arista CloudVision, InfluxDB time-series, and AWS Secrets Manager. Each integration is a thin Python module with the same access pattern.
ServiceNow Infoblox Cisco ISE Mist AWS
🖥️
Self-Service Web Platform
A Flask web application with LDAP/SSO authentication, ArangoDB-backed sessions, role-based access control, and a modular blueprint architecture. Engineers search devices by hostname, IP, or MAC and get a rich view of interfaces, LLDP neighbors, port stats, CMDB records, and config history. Includes a dynamic AQL-driven reporting engine and auto-generated Swagger docs.
Flask LDAP / Entra SSO ArangoDB Sessions RBAC

Technology

Full-stack, production-grade

Every technology chosen for a reason. No cargo-culting.

Network Vendors

  • Cisco NX-OS / IOS-XR / IOS-XE
  • Arista EOS / CloudVision
  • Palo Alto / Panorama
  • Fortinet / FortiManager
  • A10 Networks
  • Cisco ISE

Data & Messaging

  • ArangoDB (graph + document)
  • Apache Kafka
  • InfluxDB (time-series)
  • Redis / RQ (task queue)
  • AQL (graph queries)

Enterprise Integrations

  • ServiceNow CMDB / ITSM
  • Infoblox IPAM
  • Juniper Mist (wireless)
  • AWS Secrets Manager
  • Git config archive

Web Platform

  • Python / Flask
  • LDAP / Microsoft Entra SSO
  • Gunicorn / Nginx
  • Docker / AWS ECS
  • Terraform (IaC)

Protocols & Libraries

  • Netmiko (SSH)
  • pyATS / Genie
  • NAPALM / pyeAPI
  • Cisco ConfParse
  • TextFSM / NTC Templates

Background

14 years in network engineering

From hands-on routing and switching to designing enterprise-scale automation platforms — with the credentials to back it up.

🎓
B.S. Information Technology
Bachelor of Science
☁️
AWS Cloud Practitioner
Active Certification
🏅
Cisco CCNP
Switch (earned 2015)
⚙️
Expert Network Engineer
Current Role — 2022–Present
Certifications & Credentials
AWS Cloud Practitioner
Amazon Web Services
Active
ITIL® Foundation
AXELOS — Mar 2017
Active
CCNP Switch
Cisco — Mar 2015
Earned
CCNA Routing & Switching
Cisco — Mar 2012
Earned
Security+
CompTIA — Mar 2012
Earned
Network+
CompTIA — Mar 2013
Earned
Project+
CompTIA — Dec 2012
Earned
A+
CompTIA — May 2007
Earned
2011 – 2016
Network Engineering Foundation
Designed and operated enterprise campus, WAN, and data-center networks — BGP, OSPF, MPLS, VXLAN, VLAN segmentation, firewall policy, IPAM, and wireless infrastructure. Earned CCNA R&S, CCNP Switch, CompTIA Security+, Network+, Project+, and A+ during this period, building a deep operational foundation across routing, switching, and security.
Apr 2016 – 2020
Senior Network Engineer
Designed and implemented application/network performance monitoring solutions providing real-time visibility into key services. Built enterprise SPAN/TAP architectures for data-center traffic analysis. Deep analytical troubleshooting using packet capture tools — Wireshark, SteelCentral Packet Analyzer, Riverbed AppInternals, AppResponse, and AppTransaction Xpert. Optimized end-to-end application flows through TCP tuning. Developed and maintained network, security/threat, and voice solutions following formal change management processes. Earned ITIL Foundation certification in 2017.
2020 – 2022
Senior Network Engineer — DevOps & Automation Focus
Pivoted toward Python-first and Ansible-driven automation workflows — config audits, neighbor verification, bulk provisioning. Began designing structured data models backed by graph databases to replace spreadsheet-driven inventory. Built the first iteration of the automation platform, proving the value of programmatic infrastructure management at scale.
2022 – Present
Expert Network Engineer
Promoted to Expert Network Engineer. Architected and delivered a production automation platform: 31k+ ServiceNow attributes updated daily, 3k+ CI lifecycles automated, 2k+ devices audited for config compliance. Built event-driven Kafka pipelines, a Pythonic ArangoDB graph layer, and 15+ platform integrations — all running against live enterprise infrastructure. Rebuilt the platform as a clean, open architecture with modular Flask blueprints, Entra ID SSO, and cloud-native deployment via Docker, AWS ECS, and Terraform. Earned AWS Cloud Practitioner certification.
Full-Stack Ownership
SSH on the wire to the web UI — every layer designed and built from scratch.
Multi-Vendor Fluency
Cisco, Arista, Palo Alto, Fortinet, A10 — 5+ vendor OS families automated in production.
Deep Packet Analysis
Wireshark, SteelCentral, Riverbed APM — enterprise-grade traffic and application performance troubleshooting.
Enterprise Integration
ServiceNow, Infoblox, Cisco ISE, Mist, CloudVision, AWS — unified under one platform.
ITSM & Change Management
ITIL-certified. Every production change follows formal process — from design through implementation and review.
Production Mentality
Everything tested against real infrastructure — not lab demos or proof-of-concepts.

Get in touch

Let's talk automation

Building something in the network automation space? Always happy to compare notes.

GitHub LinkedIn drew@dmalle.com