TEPHRA
Description:
Job Description:
Lead solutioning and delivery architecture for large-scale network modernization programs across WAN/LAN/WLAN and cloud networking. Own end-to-end designs for SD-WAN to SASE/Zero-Trust transitions, Network-as-a-Service (NaaS) models, multi-cloud connectivity patterns, and observability/automation, aligning to business outcomes, security, and experience (SLA/XLA).
Roles and Responsibilities
Own discovery, assessment and target-state reference architectures for enterprise networks (WAN/LAN/WLAN, DC/Cloud, OT/edge). Design and document HLD/LLD for SD-WAN platforms and SASE/Zero-Trust controls (SWG, CASB, ZTNA, FWaaS). Define multi-cloud networking patterns (AWS TGW/Transit, Azure vWAN/Route Server, GCP NCC) and hybrid connectivity (ExpressRoute/Direct Connect/Interconnect). Shape LAN/WLAN modernization (intent-based/SD-Access, Wi-Fi 6/6E/7) and campus segmentation with identity-aware policies. Lead PoCs and solution validation; create BOMs/BOQs, migration runbooks, fallback plans, test/UAT approaches and acceptance criteria. Partner with OEMs and Telcos; evaluate NaaS constructs and commercials; contribute to make-vs-buy decisions. Embed observability and AIOps; specify telemetry, synthetics, and experience metrics (e.g., XLA) and define SLOs/SLIs. Industrialize network automation (Ansible/Terraform, pipelines, IaC/GitOps), golden configs and compliance guardrails. Contribute to pursuits (RFI/RFP/Orals), solution narratives, effort/cost models and risk registers; ensure solution governance and sign-offs. Provide architecture oversight into delivery; guide transition, cutovers, hypercare and handover; coach architects/engineers. Author reusable patterns/accelerators and knowledge assets for the practice; evangelize TCS frameworks and best practices. Qualifications:
Mandatory Skills Experience:
12-18+ years in networking with 6+ years as an architect delivering global programs (>200 sites or equivalent scale). Proven track record leading assessments, roadmaps, designs and migrations for SD-WAN/SASE and campus/DC modernization. Experience in multi-vendor, multi-supplier environments; comfortable with Guardian/Service Integration models. Consulting orientation with strong client-facing communication, storytelling and executive presentation skills. Education & Certifications:
Bachelor's degree in engineering/technology (or equivalent experience).
One or more vendor/industry certifications: CCNP/CCIE, JNCIP/JNCIE, PCNSE, Fortinet NSE 7/8, ZIA/ZCCP, AWS Advanced Networking Specialty, Microsoft Azure Network Engineer Associate, TOGAF/ITIL (preferred).
Technical Skills:
Deep architecture expertise in two or more SD-WAN stacks (e.g., Cisco Viptela/Meraki, Aruba EdgeConnect, Versa, Fortinet, Palo Alto/Prisma, Juniper). Hands-on design of SASE components (SWG, CASB/DLP, ZTNA, FWaaS) with vendors such as Zscaler, Netskope, Palo Alto, Fortinet, Cisco, or Cloudflare. Cloud networking across AWS/Azure/GCP (Transit/Hub-and-Spoke, vWAN, Route Server, TGW, NCC), DNS/DHCP/IPAM (e.g., Infoblox) and identity-aware segmentation. Campus & DC networking (EVPN/VXLAN, SDA/ACI or equivalent), Wireless (Wi-Fi 6/6E/7), NAC/802.1X. Automation and IaC (Ansible, Terraform, Git, CI/CD) and scripting (Python/Bash) to codify design, config and operational workflows. Observability & Digital Experience Monitoring (e.g., ThousandEyes, AppNeta, Datadog, Dynatrace) and NPM/NPMD stacks; capacity and performance engineering. Security fundamentals: Zero-Trust architectures, micro/macro-segmentation, certificate/PKI, encryption, BCP/DR for networks. Understanding of OT/Industrial networks and Private 5G/LTE (nice-to-have) for shop-floor and edge scenarios. Desired Skills
Customer focus and ownership mindset; ability to balance value, risk and cost. Collaborative leadership across architecture, engineering, security and operations. Structured problem-solving; crisp writing; ability to create compelling solution narratives. Success Measures / KPIs
Solution quality and governance (architecture checkpoints passed, deployment exceptions). Pursuit impact (win rate/shortlists, solution scoring, commercial hygiene). Migration outcomes (cutover success rate, MTTR, performance uplift, XLA improvements). Automation and standardization (golden configs/templates; % infra as code).
#LI-KR2
Job Description:
Lead solutioning and delivery architecture for large-scale network modernization programs across WAN/LAN/WLAN and cloud networking. Own end-to-end designs for SD-WAN to SASE/Zero-Trust transitions, Network-as-a-Service (NaaS) models, multi-cloud connectivity patterns, and observability/automation, aligning to business outcomes, security, and experience (SLA/XLA).
Roles and Responsibilities
Own discovery, assessment and target-state reference architectures for enterprise networks (WAN/LAN/WLAN, DC/Cloud, OT/edge). Design and document HLD/LLD for SD-WAN platforms and SASE/Zero-Trust controls (SWG, CASB, ZTNA, FWaaS). Define multi-cloud networking patterns (AWS TGW/Transit, Azure vWAN/Route Server, GCP NCC) and hybrid connectivity (ExpressRoute/Direct Connect/Interconnect). Shape LAN/WLAN modernization (intent-based/SD-Access, Wi-Fi 6/6E/7) and campus segmentation with identity-aware policies. Lead PoCs and solution validation; create BOMs/BOQs, migration runbooks, fallback plans, test/UAT approaches and acceptance criteria. Partner with OEMs and Telcos; evaluate NaaS constructs and commercials; contribute to make-vs-buy decisions. Embed observability and AIOps; specify telemetry, synthetics, and experience metrics (e.g., XLA) and define SLOs/SLIs. Industrialize network automation (Ansible/Terraform, pipelines, IaC/GitOps), golden configs and compliance guardrails. Contribute to pursuits (RFI/RFP/Orals), solution narratives, effort/cost models and risk registers; ensure solution governance and sign-offs. Provide architecture oversight into delivery; guide transition, cutovers, hypercare and handover; coach architects/engineers. Author reusable patterns/accelerators and knowledge assets for the practice; evangelize TCS frameworks and best practices. Qualifications:
Mandatory Skills Experience:
12-18+ years in networking with 6+ years as an architect delivering global programs (>200 sites or equivalent scale). Proven track record leading assessments, roadmaps, designs and migrations for SD-WAN/SASE and campus/DC modernization. Experience in multi-vendor, multi-supplier environments; comfortable with Guardian/Service Integration models. Consulting orientation with strong client-facing communication, storytelling and executive presentation skills. Education & Certifications:
Bachelor's degree in engineering/technology (or equivalent experience).
One or more vendor/industry certifications: CCNP/CCIE, JNCIP/JNCIE, PCNSE, Fortinet NSE 7/8, ZIA/ZCCP, AWS Advanced Networking Specialty, Microsoft Azure Network Engineer Associate, TOGAF/ITIL (preferred).
Technical Skills:
Deep architecture expertise in two or more SD-WAN stacks (e.g., Cisco Viptela/Meraki, Aruba EdgeConnect, Versa, Fortinet, Palo Alto/Prisma, Juniper). Hands-on design of SASE components (SWG, CASB/DLP, ZTNA, FWaaS) with vendors such as Zscaler, Netskope, Palo Alto, Fortinet, Cisco, or Cloudflare. Cloud networking across AWS/Azure/GCP (Transit/Hub-and-Spoke, vWAN, Route Server, TGW, NCC), DNS/DHCP/IPAM (e.g., Infoblox) and identity-aware segmentation. Campus & DC networking (EVPN/VXLAN, SDA/ACI or equivalent), Wireless (Wi-Fi 6/6E/7), NAC/802.1X. Automation and IaC (Ansible, Terraform, Git, CI/CD) and scripting (Python/Bash) to codify design, config and operational workflows. Observability & Digital Experience Monitoring (e.g., ThousandEyes, AppNeta, Datadog, Dynatrace) and NPM/NPMD stacks; capacity and performance engineering. Security fundamentals: Zero-Trust architectures, micro/macro-segmentation, certificate/PKI, encryption, BCP/DR for networks. Understanding of OT/Industrial networks and Private 5G/LTE (nice-to-have) for shop-floor and edge scenarios. Desired Skills
Customer focus and ownership mindset; ability to balance value, risk and cost. Collaborative leadership across architecture, engineering, security and operations. Structured problem-solving; crisp writing; ability to create compelling solution narratives. Success Measures / KPIs
Solution quality and governance (architecture checkpoints passed, deployment exceptions). Pursuit impact (win rate/shortlists, solution scoring, commercial hygiene). Migration outcomes (cutover success rate, MTTR, performance uplift, XLA improvements). Automation and standardization (golden configs/templates; % infra as code).
#LI-KR2