Jobs via Dice
Overview
Senior/Principal Network Architect (L4-Principal) - Cisco SD Access & Enterprise Networking, Los Angeles, CA (Westwood area). Duration: 6 mo. contract to hire. Travel to client offices in Westwood, CA and to sporting venues around LA/downtown will be required. Responsibilities
Own end to end SD Access architecture for large, multi-site enterprises: fabric design (control/edge/border), transit options, segmentation (SGTs/TrustSec), identity policy, and integration with WAN and data center. Lead Catalyst Center-driven automation: design templates, SDA workflows, network assurance, SWIM, and closed loop operations aligned to reliability/SLOs. Design identity-centric security with ISE: policy sets, authorization profiles, posture, PxGrid integrations, wired/wireless 802.1X/MAB, guest/BYOD, and scalable group policies. Engineer secure edge and campus perimeters: Cisco FTD/Firepower policy design, NAT, VPN, IDS/IPS, SSL decryption strategy, and high availability. Architect SD WAN underlay/overlay: transport independence, application aware routing, DIA/Cloud on ramp, security integration, and multi-region scale. Expert routing at scale: BGP (policy, route reflectors, communities), OSPF, EIGRP, ECMP, redistribution strategies, route filtering, summarization, and IPv6 planning. Drive modernization roadmaps: brownfield to SDA migration, hierarchical campus design, QoS, multicast, wireless controller (Catalyst 9800) alignment, and resiliency patterns. Deliver hands-on build and escalation leadership: lab validation, pilot, phased rollout, cutover plans, MOPs, change windows, and root cause analysis for P1/P2 incidents. Mentor and uplift engineering teams: design reviews, standards, runbooks, and enablement sessions for operations and field engineers. Stakeholder leadership: collaborate with security, EUC, cloud, and application teams; translate business outcomes into technical architectures and measurable milestones. Documentation & governance: HLD/LLD, as-builts, standards, security exceptions, and compliance artifacts; contribute to reference architectures and reusable templates. Qualifications
Required : Active CCIE (any track; Enterprise Infrastructure and/or Security strongly preferred). 10+ years enterprise networking experience, including 3-5+ years leading SD Access architecture and deployment across multiple sites. Proven hands-on skills with Cisco routing/switching and Catalyst Center (formerly Cisco DNA Center) for SDA automation and assurance. Deep expertise with Cisco ISE (policy, 802.1X, SGT/TrustSec) and Cisco FTD (Firepower) firewalls (threat, access control, NAT/VPN, high availability). Strong experience with Cisco SD WAN (design, policy/templating, security integration, operationalization). Expert level knowledge of BGP, EIGRP, OSPF, redistribution, and route policy design for large enterprises. Demonstrated success leading complex, multi-phase migrations and mentoring senior engineers. Preferred : CCDE or dual CCIE; Cisco Certified Specialist certifications in SDA, ISE, or SD WAN. Automation fluency (Ansible, Python, Terraform), Git-based workflows, and API integration with Catalyst Center/ISE/FTD/SD WAN. Wireless (Catalyst 9800/Prime/Catalyst Center Assurance), QoS strategy, multicast, NAC posture, and Zero Trust segmentation. Cloud networking (Azure/AWS), hybrid connectivity, and DNS/DHCP/IPAM integration. Familiarity with data center and campus interconnect (e.g., ACI concepts beneficial but not required). Work Style & Travel
Must reside in the immediate Los Angeles metro area and be able to work onsite at client site in Downtown LA. Off hours change windows as needed for critical migrations. Onsite & Travel Expectations
Onsite expectations: ability to be at client site 5 days per week; may not always be required but must be available if needed. Compensation & Benefits
The pay range for this position is $80.00 - $92.00/hr. Eligibility requirements apply to some benefits and may depend on job classification and length of employment. Benefits are subject to change and may be specific to elections, plan, or program terms. If eligible, benefits for this temporary role may include Medical, dental & vision; Benefits may include Critical Illness, Accident, and Hospital; 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions; Life Insurance; Short and long-term disability; Health Spending Account; Transportation benefits; Employee Assistance Program; Time Off/Leave (PTO, Vacation or Sick Leave). Workplace Type: This is a hybrid position in Los Angeles, CA. Application Deadline
This position is anticipated to close on Oct 30, 2025. About TEKsystems: We’re partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
#J-18808-Ljbffr
Senior/Principal Network Architect (L4-Principal) - Cisco SD Access & Enterprise Networking, Los Angeles, CA (Westwood area). Duration: 6 mo. contract to hire. Travel to client offices in Westwood, CA and to sporting venues around LA/downtown will be required. Responsibilities
Own end to end SD Access architecture for large, multi-site enterprises: fabric design (control/edge/border), transit options, segmentation (SGTs/TrustSec), identity policy, and integration with WAN and data center. Lead Catalyst Center-driven automation: design templates, SDA workflows, network assurance, SWIM, and closed loop operations aligned to reliability/SLOs. Design identity-centric security with ISE: policy sets, authorization profiles, posture, PxGrid integrations, wired/wireless 802.1X/MAB, guest/BYOD, and scalable group policies. Engineer secure edge and campus perimeters: Cisco FTD/Firepower policy design, NAT, VPN, IDS/IPS, SSL decryption strategy, and high availability. Architect SD WAN underlay/overlay: transport independence, application aware routing, DIA/Cloud on ramp, security integration, and multi-region scale. Expert routing at scale: BGP (policy, route reflectors, communities), OSPF, EIGRP, ECMP, redistribution strategies, route filtering, summarization, and IPv6 planning. Drive modernization roadmaps: brownfield to SDA migration, hierarchical campus design, QoS, multicast, wireless controller (Catalyst 9800) alignment, and resiliency patterns. Deliver hands-on build and escalation leadership: lab validation, pilot, phased rollout, cutover plans, MOPs, change windows, and root cause analysis for P1/P2 incidents. Mentor and uplift engineering teams: design reviews, standards, runbooks, and enablement sessions for operations and field engineers. Stakeholder leadership: collaborate with security, EUC, cloud, and application teams; translate business outcomes into technical architectures and measurable milestones. Documentation & governance: HLD/LLD, as-builts, standards, security exceptions, and compliance artifacts; contribute to reference architectures and reusable templates. Qualifications
Required : Active CCIE (any track; Enterprise Infrastructure and/or Security strongly preferred). 10+ years enterprise networking experience, including 3-5+ years leading SD Access architecture and deployment across multiple sites. Proven hands-on skills with Cisco routing/switching and Catalyst Center (formerly Cisco DNA Center) for SDA automation and assurance. Deep expertise with Cisco ISE (policy, 802.1X, SGT/TrustSec) and Cisco FTD (Firepower) firewalls (threat, access control, NAT/VPN, high availability). Strong experience with Cisco SD WAN (design, policy/templating, security integration, operationalization). Expert level knowledge of BGP, EIGRP, OSPF, redistribution, and route policy design for large enterprises. Demonstrated success leading complex, multi-phase migrations and mentoring senior engineers. Preferred : CCDE or dual CCIE; Cisco Certified Specialist certifications in SDA, ISE, or SD WAN. Automation fluency (Ansible, Python, Terraform), Git-based workflows, and API integration with Catalyst Center/ISE/FTD/SD WAN. Wireless (Catalyst 9800/Prime/Catalyst Center Assurance), QoS strategy, multicast, NAC posture, and Zero Trust segmentation. Cloud networking (Azure/AWS), hybrid connectivity, and DNS/DHCP/IPAM integration. Familiarity with data center and campus interconnect (e.g., ACI concepts beneficial but not required). Work Style & Travel
Must reside in the immediate Los Angeles metro area and be able to work onsite at client site in Downtown LA. Off hours change windows as needed for critical migrations. Onsite & Travel Expectations
Onsite expectations: ability to be at client site 5 days per week; may not always be required but must be available if needed. Compensation & Benefits
The pay range for this position is $80.00 - $92.00/hr. Eligibility requirements apply to some benefits and may depend on job classification and length of employment. Benefits are subject to change and may be specific to elections, plan, or program terms. If eligible, benefits for this temporary role may include Medical, dental & vision; Benefits may include Critical Illness, Accident, and Hospital; 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions; Life Insurance; Short and long-term disability; Health Spending Account; Transportation benefits; Employee Assistance Program; Time Off/Leave (PTO, Vacation or Sick Leave). Workplace Type: This is a hybrid position in Los Angeles, CA. Application Deadline
This position is anticipated to close on Oct 30, 2025. About TEKsystems: We’re partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. TEKsystems is an Allegis Group company. The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
#J-18808-Ljbffr