Network Architect

Job Title: Senior Network Architect

Mandatory skills: Cisco ACI, Cisco Routing and Switches, PaloAlto firewall, Cisco FTD Firewall

Secondary skills: Azure Infra

Location – Dallas, Texas

Role Summary

We are looking for a Senior Network Architect with deep expertise in enterprise and data center networking and strong hands-on capability across Cisco Routing & Switching, Cisco ACI, Nexus, and Cisco SD-WAN. The role requires solid experience in network security using Cisco FTD (Firepower) and Palo Alto firewalls, along with cloud networking exposure across Azure and AWS (connectivity, routing, segmentation, security, landing zones, and hybrid networking).

You will lead end-to-end network architecture, including design, roadmap, migration strategy, implementation oversight, operational readiness, and security compliance, ensuring scalable and resilient connectivity for business-critical environments.

Key Responsibilities

Network Architecture & Design

• Own high-level and low-level network designs (HLD/LLD) for campus, WAN, and data center environments.
• Define network standards, reference architectures, and reusable patterns for routing, switching, segmentation, and security.
• Lead technology selection, capacity planning, and performance engineering for large-scale networks.
  
  

Cisco Routing & Switching / Nexus / Data Center

• Architect and govern Cisco R&S including OSPF/BGP/EIGRP, route redistribution, VRF, QoS, multicast (if required), and high availability.
• Design and implement Cisco Nexus based DC fabrics (vPC, VDC, VXLAN EVPN if applicable).
• Drive resilient DC connectivity patterns (ECMP, redundant uplinks, dual-homing, spine-leaf designs).
  
  

Cisco ACI (Application Centric Infrastructure)

• Design and govern Cisco ACI fabric architecture: tenants, VRFs, bridge domains, EPGs, contracts, L4-L7 service insertion.
• Build and manage ACI policies, micro-segmentation, and integration with external networks / firewalls / load balancers.
• Support ACI upgrades, migrations, and operationalization best practices.
  
  

SD-WAN (Cisco)

• Architect and oversee Cisco SD-WAN deployments (policy design, segmentation, app-aware routing, DIA, ZTP).
• Define WAN transformation strategies: MPLS to broadband/DIA, dual ISP, resilience patterns, and centralized security integration.
  
  

Network Security – Cisco FTD & Palo Alto

• Architect perimeter and internal security controls using Cisco FTD (FMC policies, ACP, NAT, IPS, SSL decryption where applicable, VPN).
• Design and implement Palo Alto security solutions: security policy, NAT, routing, zones, App-ID, User-ID (optional), URL filtering, IPS/Threat prevention.
• Own firewall rule governance: standards, review, recertification, and audit alignment.
• Design secure site-to-site and remote access VPNs, segmentation, and zero-trust aligned controls.
  
  

Cloud Networking (Azure & AWS)

• Design hybrid connectivity: ExpressRoute, VPN, Transit Gateway, VPC/VNet peering, hub-spoke architectures.
• Define cloud network segmentation, routing, DNS, and firewalling patterns for secure connectivity.
• Partner with cloud/security teams to ensure architecture aligns with landing zones, compliance, and security baselines.
  
  

Delivery Leadership & Stakeholder Management

• Lead technical workshops with customers, application teams, and security teams.
• Provide guidance to implementation teams; review configs and change plans; drive production readiness and cutover governance.
• Create/maintain architecture artifacts: HLD/LLD, SOPs, runbooks, test plans, and rollback procedures.
• Participate in incident/problem management: RCA, preventive actions, automation opportunities.
  
  

Required Skills & Expertise

Core Networking (Must Have)

• Cisco Routing & Switching: OSPF, BGP, HSRP/VRRP, STP, LACP, QoS, NAT (as relevant), IPv4/IPv6 (preferred)
• Cisco Nexus: vPC, fabric design principles, data center operations
• Cisco ACI: APIC, tenants/VRF/BD/EPG/contracts, L4-L7 integration, troubleshooting
• Cisco SD-WAN: vManage/vBond/vSmart concepts, policy framework, segmentation, app routing
  
  

Security (Must Have)

• Cisco FTD / Firepower with FMC: access control policies, NAT, IPS, VPN, upgrades and troubleshooting
• Palo Alto: security policy, NAT, zones, routing, threat prevention, operational governance
  
  

Cloud Networking (Must Have)

• Azure & AWS networking: VNet/VPC design, routing, peering, gateways, hub-spoke, TGW, cloud security integration
• Hybrid connectivity design patterns and operational troubleshooting
  
  

Architecture / Governance (Must Have)

• HLD/LLD creation, architecture reviews, standardization, technical documentation
• Strong troubleshooting and RCA skills across LAN/WAN/DC/Firewall/Cloud
• Excellent communication and stakeholder management
  
  

Nice to Have (Good Additions)

• Automation: Ansible, Python, Terraform, CI/CD for network
• Monitoring/Telemetry: SNMP/NetFlow/sFlow, Syslog, Splunk, ThousandEyes, SolarWinds, Cisco DNA Center
• Load Balancers / ADC: F5, Citrix Netscaler, or equivalents (integration perspective)
• SASE / ZTNA exposure
• ITIL processes, change management, service transition
  
  

Certifications (Preferred)

• CCNP / CCIE (Enterprise / DC / Security) – preferred
• Cisco ACI certification (or proven ACI delivery expertise)
• PCNSE (Palo Alto) – preferred
• Azure (AZ-700) and/or AWS Advanced Networking – Specialty – preferred
• Please note, this role is not able to offer visa transfer or sponsorship now or in the future*
  
  

Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:

• Medical/Dental/Vision/Life Insurance
• Paid holidays plus Paid Time Off
• 401(k) plan and contributions
• Long-term/Short-term Disability
• Paid Parental Leave
• Employee Stock Purchase Plan
  
  

Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.