L4 Network Architect – Cisco SDAccess & Enterprise Networking
Share
Job Location:
Los Angeles, CA - USA
Monthly Salary:
Not Disclosed
Posted on:
2 days ago
Vacancies:
1 Vacancy
Job Summary
Request Title: L4 Network Architect / Engineer Cisco SDAccess & Enterprise Networking
Duration: 12 Months Hrs/Wk:40.00
Work Location: Los Angeles CA (Westwood area Hybrid/Onsite)
Notes :
1. Must reside in the immediate Los Angeles metro area and be able to work onsite at client sites in Downtown LA.
2. Offhours / change windows as needed for critical migrations.
We are hiring for an L4 Network Architect/Engineer tolead design and delivery of multisite Cisco SoftwareDefined Access (SDAccess) solutions at scale. Contribute to and implement architecture direction drive complex deployments across distributed campuses and mentor engineers while partnering closely with security and operations. The ideal candidate holds anactive CCIE and demonstrates deep handson expertise across Cisco routing/switching Cisco Catalyst Center (formerly Cisco DNA Center) Cisco ISE Cisco FTD firewalls and Cisco SDWAN with expertlevel command of BGP EIGRP OSPF and related enterprise routing protocols.
What youll do (Key Responsibilities)
Own endtoend SDAccess architecture for large multisite enterprises: fabric design (control/edge/border) transit options segmentation (SGTs/TrustSec) identity policy and integration with WAN and data center.
Lead Catalyst Centerdriven automation: design templates SDA workflows network assurance SWIM and closedloop operations aligned to reliability/SLOs.
Design identitycentric security with ISE: policy sets authorization profiles posture PxGrid integrations wired/wireless 802.1X/MAB guest/BYOD and scalable group policies.
Engineer secure edge and campus perimeters: Cisco FTD/Firepower policy design NAT VPN IDS/IPS SSL decryption strategy and high availability.
Architect SDWAN underlay/overlay: transport independence applicationaware routing DIA/Cloud onramp security integration and multiregion scale.
Expert routing at scale: BGP (policy route reflectors communities) OSPF EIGRP ECMP redistribution strategies route filtering summarization and IPv6 planning.
Drive modernization roadmaps: brownfield to SDA migration hierarchical campus design QoS multicast wireless controller (Catalyst 9800) alignment and resiliency patterns.
Deliver handson build and escalation leadership: lab validation pilot phased rollout cutover plans MOPs change windows and rootcause analysis for P1/P2 incidents.
Mentor and uplift engineering teams: design reviews standards runbooks and enablement sessions for operations and field engineers.
Stakeholder leadership: collaborate with security EUC cloud and application teams; translate business outcomes into technical architectures and measurable milestones.
Documentation & governance: HLD/LLD asbuilts standards security exceptions and compliance artifacts; contribute to reference architectures and reusable templates.
Required Qualifications (MustHave)
Active CCIE (any track; Enterprise Infrastructure and/or Security strongly preferred).
10 years enterprise networking experience including35 years leading SDAccess architecture and deployment across multiple sites.
Proven exceptionalhandson skills with Cisco routing/switching and Catalyst Center (formerly Cisco DNA Center) for SDA automation and assurance.
Deep expertise withCisco ISE (policy 802.1X SGT/TrustSec) and Cisco FTD (Firepower) firewalls (threat access control NAT/VPN high availability).
Strong experience withCisco SDWAN (design policy/templating security integration operationalization).
Expertlevel knowledge ofBGP EIGRP OSPF redistribution and routepolicy design for large enterprises.
Demonstrated successleading complex multiphase migrations and mentoring senior engineers.
Preferred Qualifications
CCDE or dual CCIE; Cisco Certified Specialist certifications in SDA ISE or SDWAN.
Automation fluency (Ansible Python Terraform) Gitbased workflows and API integration with Catalyst Center/ISE/FTD/SDWAN.
Wireless (Catalyst 9800/Prime/Catalyst Center Assurance) QoS strategy multicast NAC posture and Zero Trust segmentation.
Cloud networking (Azure/AWS) hybrid connectivity and DNS/DHCP/IPAM integration.
Familiarity with data center and campus interconnect(e.g. ACI concepts beneficial but not required).
10 years enterprise networking experience including35 years leading SDAccess architecture and deployment across multiple sites.
Company Industry
IT Services and IT Consulting
Key Skills
- SAP BusinessObjects
- Enterprise Architecture
- Hybris
- SAP HANA
- SAP
- TOGAF
- Solution Architecture
- Cloud Architecture
- SAP BW 4HANA
- Salesforce
- SAP S/4HANA
- SAP ERP
