Network Architect

Role Summary

We are seeking an experienced Enterprise Network Architect to design and oversee the implementation of a secure, scalable, and regionally integrated network infrastructure across MGS offices. The candidate will lead architecture for LAN/WAN, SD-WAN, wireless, routing, switching, network access control, and DDI (DNS, DHCP, IPAM) solutions. This is a strategic role that combines deep technical expertise with hands-on design ownership.

Key Responsibilities

1. Network Architecture & Design

- Architect and document enterprise LAN/WAN infrastructure including:

Core and access switching (Cisco C9300/C9200)

WAN edge routing (Cisco C8300/C8200)

Layer 2/3 topology, VLANs, and IP segmentation

- Design and implement SD-WAN architecture with multi-region integration (Americas, EMEA, APAC)

- Define HA, redundancy, and failover strategies across routing, switching, and WAN links

2. Wireless and Access Infrastructure

- Design and standardize Wi-Fi networks (Cisco Catalyst 9100, 9800 WLC)

- Integrate identity-based VLAN assignment using Cisco ISE/NPS with 802.1X/EAP-TLS

- Optimize wireless coverage, RF planning, and dynamic AP load balancing

3. DDI (DNS, DHCP, IPAM)

- Architect and deploy Infoblox DDI solution (Grid Master/Members, HA)

- Integrate DHCP and DNS services with IPAM, ISE, and Active Directory

- Define IP address management schema, subnet design, and discovery policies

4. Security & Policy Integration

- Collaborate with security teams on firewall integration and policy routing

- Implement secure dynamic VLANs and posture-based access via Cisco ISE

- Define network zoning, segmentation, and east-west traffic controls

5. Documentation & Standards

- Produce high-quality HLDs, LLDs, implementation plans, and As-Built documentation

- Establish configuration standards, naming conventions, and operational runbooks

Required Qualifications

- 15+ years of experience in enterprise network engineering/architecture

- Deep hands-on expertise with:

Cisco enterprise routing and switching (Catalyst 9K series, IOS-XE)

Cisco WLCs (9800 series) and Wi-Fi 6 access points

Cisco ISE or Microsoft NPS for identity-based access

Infoblox or similar solution for DNS/DHCP/IPAM

BGP, OSPF, HSRP, VRRP, and Policy-Based Routing

- Proven experience in designing multi-site, multi-region enterprise networks

- Strong understanding of 802.1X, EAP-TLS, RADIUS, and certificate-based authentication

- Experience with SD-WAN solutions (Cisco SD-WAN /Meraki/ Viptela preferred)

Preferred Certifications

- CCNP Enterprise or CCIE (Routing & Switching / Enterprise Infrastructure)

- Infoblox Core DDI Certified (CDCA / CDIA) – preferred

- Cisco Certified Specialist – Enterprise Wireless Design

- Microsoft or Cisco security certifications a plus