Job Role: Network Architect
Location: Louisville, KY/Remote
Job Description:
Must Have Technical/Functional Skills
Routing & Switching
- Expert in OSPF, BGP, IS-IS, route redistribution, filtering, communities, path selection.
- IPv4/IPv6, NAT, multicast (PIM), ECMP, HA pairs/stacking, MLAG/vPC.
Data Center & Campus
- VXLAN/EVPN fabrics, spine-leaf, EVPN, L2/L3 segmentation.
- Wireless/Wi-Fi 6/6E, RF planning, identity-based access.
WAN / Edge / Remote
- SD-WAN (Cisco/Viptela, Meraki, Aruba, Versa, Fortinet, Palo Alto, etc.).
- SASE/SSE (Zscaler, Prisma Access, Netskope) and Zero Trust access patterns.
Security Integration
- Next-gen firewalls, IPS/IDS, micro-segmentation (NSX-T/ACI/Illumio), NAC (ISE/ClearPass).
- TLS/IPsec, MACsec, PKI, AAA, RADIUS/TACACS+, device hardening.
Cloud Networking
- AWS: VPC, TGW, PrivateLink, GWLB, Route 53, NLB/ALB, SG/NACL.
- Azure: VNet, vWAN, ExpressRoute, Private Link, Azure Firewall, Front Door, DNS.
- Google Cloud Platform: VPC, Cloud Router/NAT, Interconnect, Cloud DNS, Load Balancing.
- Hybrid connectivity (MPLS, DIA, ExpressRoute/Direct Connect/Interconnect), routing, and security.
Wireless and Remote Access:
- Implementation and management of enterprise Wi-Fi (WLCs, RADIUS, 802.1X, WPA3).
- Experience with remote access VPN (SSL/IPsec), SD-WAN, and policy-based routing.
Roles & Responsibilities
Essential Duties and Responsibilities:
- Define target-state network architectures (LAN/WAN, data center, campus, branch, edge, SD-WAN, SASE, Zero Trust, Wi-Fi).
- Produce HLD/LLD (High-/Low-Level Designs), reference architectures, bill of materials, and network diagrams.
- Architect cloud networking across AWS/Azure/Google Cloud Platform (VPC/VNet, transit, private link, routing, DNS, FW, load balancing, service mesh integration).
- Design resiliency and performance: HA, ECMP, QoS, traffic engineering, capacity planning, multi-region patterns.
- Define standards, policies, and patterns (naming, IPAM, routing, segmentation, encryption, observability).
Implementation & Delivery
- Lead proofs-of-concept and pilots for new technologies (SD-WAN/SASE/NAC/automation frameworks).
- Guide implementation teams; review configuration templates, change plans, and cutover runbooks.
- Establish automation-first workflows for provisioning, configuration, compliance, and drift remediation.
- Embed Zero Trust principles: micro/macro segmentation, identity-aware networking, secure access.
- Partner with Security to integrate NAC, IDS/IPS, FWaaS, DLP, CASB/SSE/SASE, and logging pipelines.
- Ensure compliance with ISO 27001, SOC 2, PCI-DSS, and data residency/regulatory requirements.
- Define SLOs/SLAs, capacity thresholds, and monitoring KPIs (availability, latency, loss, jitter).
- Build observability: NetFlow/IPFIX, SNMP, streaming telemetry, syslog, packet brokers, NPM/APM.
- Drive problem management: root-cause analysis (RCA), post-incident reviews, and prevention plans.
Automation and Network Management:
- Scripting and automation with Python, Ansible, Terraform, or similar tools for network provisioning and configuration management.
- Familiarity with Infrastructure as Code (IaC) principles.
- Integration with network management and monitoring platforms (SolarWinds, NetBrain, Cisco DNA Center).
- Own the network technology roadmap and multi-year investment plan (TCO/ROI).
- Lead vendor selection, bake-offs, and contract/SKU optimization.
- Mentor engineers, uplift standards, and evangelize best practices across teams.
- Communicate complex topics to both executive and engineering audiences.