Network Architect

Must Have Technical/Functional Skills Routing & Switching

• Expert in OSPF, BGP, IS-IS, route redistribution, filtering, communities, path selection.
• IPv4/IPv6, NAT, multicast (PIM), ECMP, HA pairs/stacking, MLAG/vPC.

Data Center & Campus

• VXLAN/EVPN fabrics, spine leaf, EVPN, L2/L3 segmentation.
• Wireless/Wi Fi 6/6E, RF planning, identity-based access.

WAN / Edge / Remote

• SD WAN (Cisco/Viptela, Meraki, Aruba, Versa, Fortinet, Palo Alto, etc.).
• SASE/SSE (Zscaler, Prisma Access, Netskope) and Zero Trust access patterns.

Security Integration

• Next gen firewalls, IPS/IDS, micro-segmentation (NSX-T/ACI/Illumio), NAC (ISE/ClearPass).
• TLS/IPsec, MACsec, PKI, AAA, RADIUS/TACACS+, device hardening.

Cloud Networking

• AWS: VPC, TGW, PrivateLink, GWLB, Route 53, NLB/ALB, SG/NACL.
• Azure: VNet, vWAN, ExpressRoute, Private Link, Azure Firewall, Front Door, DNS.
• GCP: VPC, Cloud Router/NAT, Interconnect, Cloud DNS, Load Balancing.
• Hybrid connectivity (MPLS, DIA, ExpressRoute/Direct Connect/Interconnect), routing, and security.

Wireless and Remote Access:

• Implementation and management of enterprise Wi-Fi (WLCs, RADIUS, 802.1X, WPA3).
• Experience with remote access VPN (SSL/IPsec), SD-WAN, and policy-based routing., * Architecture & Design
• Define target-state network architectures (LAN/WAN, data center, campus, branch, edge, SD-WAN, SASE, Zero Trust, Wi Fi).
• Produce HLD/LLD (High-/Low-Level Designs), reference architectures, bill of materials, and network diagrams.
• Architect cloud networking across AWS/Azure/GCP (VPC/VNet, transit, private link, routing, DNS, FW, load balancing, service mesh integration).
• Design resiliency and performance: HA, ECMP, QoS, traffic engineering, capacity planning, multi-region patterns.
• Define standards, policies, and patterns (naming, IPAM, routing, segmentation, encryption, observability).
• Implementation & Delivery
• Lead proofs-of-concept and pilots for new technologies (SD WAN/SASE/NAC/automation frameworks).
• Guide implementation teams; review configuration templates, change plans, and cutover runbooks.
• Establish automation-first workflows for provisioning, configuration, compliance, and drift remediation.
• Security & Compli ance
• Embed Zero Trust principles: micro/macro segmentation, identity-aware networking, secure access.
• Partner with Security to integrate NAC, IDS/IPS, FWaaS, DLP, CASB/SSE/SASE, and logging pipelines.
• Ensure compliance with ISO 27001, SOC 2, PCI-DSS, and data residency/regulatory requirements.
• Operations & Reliability
• Define SLOs/SLAs, capacity thresholds, and monitoring KPIs (availability, latency, loss, jitter).
• Build observability: NetFlow/IPFIX, SNMP, streaming telemetry, syslog, packet brokers, NPM/APM.
• Drive problem management: root-cause analysis (RCA), post-incident reviews, and prevention plans.
• Automation and Network Management:
• Scripting and automation with Python, Ansible, Terraform, or similar tools for network provisioning and configuration management.
• Familiarity with Infrastructure as Code (IaC) principles.
• Integration with network management and monitoring platforms (SolarWinds, NetBrain, Cisco DNA Center).
• Governance & Leadership
• Own the network technology roadmap and multi year investment plan (TCO/ROI).
• Lead vendor selection, bake offs, and contract/SKU optimization.
• Mentor engineers, uplift standards, and evangelize best practices across teams.
• Communicate complex topics to both executive and engineering audiences.

Do you have experience in Wireless networking?