Senior Network Architect

Cisco ACI & Data Center Networking

• Design, implement, and maintain Cisco Nexus platforms running ACI mode, including VRFs, Bridge

Domains, EPGs/ESGs, L3Out, contracts, and fabric policies.

• Integrate ACI with virtualization and container platforms including Red Hat OpenShift VMM and

Isovalent/Cilium.

• Configure and optimize RoCEv2 within the ACI fabric for high-performance, low-latency workloads.
• Conduct advanced troubleshooting of ACI fabric health, faults, endpoint learning, contracts, and

multi-tenant segmentation.

• Develop and maintain fabric documentation, standards, and operational procedures.

Cisco Catalyst & Software-Defined Access

• Deploy and support Cisco Catalyst platforms within campus environments.
• Design and maintain Software-Defined Access (SDA) architectures, including SDA Wired Fabric and

Fabric-Enabled Wireless.

• Manage fabric underlay and overlay, policy mapping, authentication integrations, and assurance

operations.

• Collaborate with wireless engineers to optimize coverage, performance, and policy enforcement

across SDA.

Identity-Driven Networking & Security Technologies

• Configure and administer Cisco Identity Services Engine (ISE) for TACACS+ device administration,

authentication and authorization policy sets, and endpoint profiling.

• Integrate Cyber Vision intelligence into profiling, segmentation, and access control workflows.
• Support Zero Trust efforts through identity-centric segmentation and policy integration across ACI

and SDA fabrics.

Visibility, Analytics & Observability

• Deploy and manage ThousandEyes for end-to-end visibility, routing path analysis, and performance

monitoring.

• Implement and support Cisco Cyber Vision for OT/IoT asset visibility, device classification, and

behavior analysis.

• Manage DNA Spaces for location analytics, telemetry ingestion, device behavior, and wireless

intelligence.

• Provide meaningful insights to leadership using data from these observability platforms.

Core Network Engineering

• Troubleshoot complex L2/L3 network issues across multiple environments including VLANs, OSPF,

BGP, STP, and multicast.

• Designing, and implementing Palo Alto Networks security solutions across enterprise environments.
• Create and maintain documentation including architecture diagrams, standards, runbooks, and

asset inventories.

• Assist in modernization planning, platform upgrades, procurement processes, and statewide

technology initiatives.

Other duties as assigned.

• Minimum of 15 years of experience working with Cisco networking.

• Hands-on experience with Cisco ACI in production environments.
• Deep knowledge of ACI constructs (VRF, BD, EPG, ESG, L3Out, contracts).
• Experience integrating ACI with OpenShift VMM and Cilium/Isovalent.
• Proficiency with Cisco Catalyst platforms and SDA fabric technologies.
• Experience administering Cisco ISE including TACACS+ and policy-set based NAC.
• Strong understanding of Thousand Eyes, Cyber Vision, and DNA Spaces or comparable tools.
• Solid command of core TCP/IP, routing, switching, QoS, and network security fundamentals.
• Ability to develop clear diagrams, documentation, and architectural artifacts.
• Strong analytical and communication skills with the ability to work in fast-paced, mission-critical environments.
• Cisco certifications such as CCNP Data Center, CCNP Enterprise, CCIE, or equivalent experience.
• Hands-on experience with container networking and virtualization integrations.
• Familiarity with NIST frameworks and state-level cybersecurity requirements.
• Experience with network automation tools (Python, Ansible, REST APIs).
• Prior work in state government or large enterprise network environments.
• PCCSA - Palo Alto Networks Certified Cybersecurity Associate

Foundational security, NGFW basics, threats, App-ID, and policy.

• PCNSA - Palo Alto Networks Certified Network Security Administrator

Focuses on NGFW configuration, security profiles, NAT, App-ID, URL filtering, WildFire