Technology Architect - Network Architect

The Senior Technology Architect (STA) - Network owns the end-to-end network architecture across data center, campus, WAN/SD-WAN, cloud, and edge environments. The role defines strategy, blueprints, and guardrails; leads complex transformations; and ensures the network platform delivers resilience, security (Zero Trust), performance, and cost efficiency. The STA partners with product, security, platform engineering, and operations to architect vendor-agnostic, automation-first designs that scale across global enterprises., 1) Architecture & Strategy

• Define the network target state (DC, Campus, WAN/SD-WAN, Cloud Networking, Edge) with reference architectures, patterns, and standards.
• Create high-level and low-level designs (HLD/LLD), including L2/L3, routing, segmentation, DNS, IPAM, firewalling, service insertion, and observability.
• Establish multi-cloud network architectures (AWS/GCP/Azure) covering VPC/VNet design, Transit Gateways, Private Service Connect/Endpoint, Direct Connect/Interconnect, cross-cloud connectivity, and service mesh integration.
• Lead modernization from legacy to EVPN/VXLAN fabrics, intent-based networking, Zero Trust segmentation, and SASE/SSE.

2. Network Security & Zero Trust

• Apply Zero Trust principles across identity-aware segmentation, micro/macro segmentation (e.g., SDN, NSX-T, ACI, TGW/Cloud WAN firewalls), secure east-west and north-south flows.
• Define security guardrails (FWaaS, NGFW, WAF, IDS/IPS, DDoS, DNS security), key management, and policy-as-code; integrate with SIEM/SOAR.
• Partner with the CISO and platform teams to align with NIST, CIS, ISO 27001, and regulatory standards (e.g., telco/public sector as applicable).

3. Performance, Resilience & Availability

• Engineer for high availability (multi-AZ/region, fast reroute, ECMP, anycast, graceful restart) and deterministic performance for latency-sensitive workloads (including telco and real-time apps).
• Define traffic engineering strategies (QoS/CoS, policy-based routing, segment routing, MPLS/EVPN/VXLAN, SR-MPLS/SRv6).
• Design DR and failover topologies; conduct chaos/resilience testing and capacity planning.

4. Automation, IaC & Observability

• Drive automation-first delivery using Terraform/Ansible/Python and network controllers/SDKs; embed policy-as-code and compliance checks into CI/CD.
• Implement observability: streaming telemetry, NetFlow/IPFIX, SNMP, syslog, synthetic testing, path analytics, digital experience monitoring (DEM).
• Govern SRE practices: SLO/SLI/error budgets for network services; automate pre-/post-change validation and rollbacks.

5. Cloud & Edge Networking

• Architect cloud networking at scale: VPC/VNet design, routing domains, NAT, ingress/egress, hybrid connectivity (DX/Interconnect/VPN), service discovery, PrivateLink/PSC.
• Integrate Kubernetes networking (CNI, Ingress/Egress, service mesh like Istio/Cilium), and secure service-to-service communication.
• Support edge/IoT networking patterns, SD-Branch, and local breakout with unified policy.

6. SD-WAN / SASE & WAN Transformation

• Lead SD-WAN strategy and migration from MPLS to internet/5G underlay with application-aware routing and performance SLAs.
• Define SASE/SSE reference patterns (ZTNA, SWG, CASB, DNS security, FWaaS) aligned with identity and device posture.

7. Stakeholder Leadership & Delivery Governance

• Advise executives on network strategy, roadmap, TCO/ROI, and risk.
• Chair Design Authority; review HLD/LLD, test plans, and change windows; ensure design compliance and non-functional requirements (NFRs) are met.
• Mentor architects/engineers; cultivate reusable patterns and accelerators.

Core Networking

• Expert in routing & switching (OSPF, BGP, IS-IS), EVPN/VXLAN, MPLS, QoS/CoS, multicast, NAT, DNS/DHCP/IPAM.
• Proven experience designing leaf-spine data center fabrics, campus architectures, and global WANs.

Security & Zero Trust

• Deep knowledge of segmentation (macro/micro), NGFWs, IDS/IPS, DDoS, WAF, PKI, identity-driven policy, and SASE/SSE platforms.
• Hands-on with policy design across on-prem and cloud; integration with SIEM/SOAR.

Cloud & Container Networking

• Strong with AWS/GCP/Azure networking (VPC/VNet, TGW/Cloud WAN, PrivateLink/PSC, Route 53/Cloud DNS, load balancers).
• Familiar with Kubernetes networking (CNIs like Calico/Cilium, NetworkPolicies, Ingress/Egress, service mesh).

Automation & Tooling

• Proficient in Terraform, Ansible, Python, Git-based workflows, CI/CD for network changes, compliance checks (e.g., CIS Benchmarks).
• Observability with Prometheus/Grafana, App/Net Performance Monitoring, NetFlow/IPFIX, streaming telemetry.

Telco / High-Performance (Nice to Have but Highly Valued)

• Understanding of SR-IOV, DPDK, SCTP, 5G core networking concepts, UPF placement, and deterministic low-latency patterns.
• Experience with NEF/SEPP security considerations, MEC/edge, and interconnect with public cloud., * 12+ years in networking with 5+ years in architecture leadership roles.
• Certifications (mix of vendor and cloud beneficial): CCNP/CCIE, AWS/Azure/GCP networking-focused certs.
• Bachelor's or Master's in Computer Science, Engineering, or related discipline (or equivalent experience).

Infosys is a global leader in next-generation digital services and consulting. We enable clients in 50+ countries to navigate their digital transformation. With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through the many next of their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem. Visit www.infosys.com to see how Infosys can help your enterprise navigate your next. All aspects of employment at Infosys are based on merit, competence, and performance. We are committed to embracing diversity and creating an inclusive environment for all employees. Infosys is proud to be an equal opportunity employer