Kforce Inc
This range is provided by Kforce Inc. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base pay range $78.00/hr - $78.00/hr
Responsibilities
Own end to end SD Access architecture for large, multi‑site enterprises: fabric design (control/edge/border), transit options, segmentation (SGTs/TrustSec), identity policy, and integration with WAN and data center
Lead Catalyst Center‑driven automation: design templates, SDA workflows, network assurance, SWIM, and closed‑loop operations aligned to reliability/SLOs
Design identity centric security with ISE: policy sets, authorization profiles, posture, PxGrid integrations, wired/wireless 802.1X/MAB, guest/BYOD, and scalable group policies
Engineer secure edge and campus perimeters: Cisco FTD/Firepower policy design, NAT, VPN, IDS/IPS, SSL decryption strategy, and high availability
Architect SD WAN underlay/overlay: transport independence, application‑aware routing, DIA/Cloud on‑ramp, security integration, and multi‑region scale
Expert routing at scale: BGP (policy, route reflectors, communities), OSPF, EIGRP, ECMP, redistribution strategies, route filtering, summarization, and IPv6 planning
Drive modernization roadmaps: brownfield to SDA migration, hierarchical campus design, QoS, multicast, wireless controller (Catalyst 9800) alignment, and resiliency patterns
Requirements
Active CCIE (any track; Enterprise Infrastructure and/or Security strongly preferred)
10+ years enterprise networking experience, including 3‑5+ years leading SD Access architecture and deployment across multiple sites
Required experience: Telco/Carrier experience; MPLS (L2VPN/L3VPN/MPLS Lite/Tagging); DWDM; IP WAN and Routing (BGP/iBGP/eBGP/AS Networks); Cloud (AWS or Azure) networking expertise is a strong plus
Proven, exceptional hands‑on skills with Cisco routing/switching and Catalyst Center (formerly Cisco DNA Center) for SDA automation and assurance
Deep expertise with Cisco ISE (policy, 802.1X, SGT/TrustSec) and Cisco FTD (Firepower) firewalls (threat, access control, NAT/VPN, high availability)
Strong experience with Cisco SD WAN (design, policy/templating, security integration, operationalization)
Expert level knowledge of BGP, EIGRP, OSPF, redistribution, and route policy design for large enterprises
Demonstrated success leading complex, multi‑phase migrations and mentoring senior engineers
Preferred Qualifications
CCDE or dual CCIE; Cisco Certified Specialist certifications in SDA, ISE, or SD WAN
Automation fluency (Ansible, Python, Terraform), Git based workflows, and API integration with Catalyst Center/ISE/FTD/SD WAN
Wireless (Catalyst 9800/Prime/Catalyst Center Assurance), QoS strategy, multicast, NAC posture, and Zero Trust segmentation
Cloud networking (Azure/AWS), hybrid connectivity,
and DNS/DHCP/IPAM integration
Familiarity with data center and campus interconnect (e.g., ACI concepts beneficial but not required)
Benefits We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Equal Opportunity Employer Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
Seniority Level Associate
Employment Type Contract
Job Function Information Technology
Industries Telecommunications
#J-18808-Ljbffr
Base pay range $78.00/hr - $78.00/hr
Responsibilities
Own end to end SD Access architecture for large, multi‑site enterprises: fabric design (control/edge/border), transit options, segmentation (SGTs/TrustSec), identity policy, and integration with WAN and data center
Lead Catalyst Center‑driven automation: design templates, SDA workflows, network assurance, SWIM, and closed‑loop operations aligned to reliability/SLOs
Design identity centric security with ISE: policy sets, authorization profiles, posture, PxGrid integrations, wired/wireless 802.1X/MAB, guest/BYOD, and scalable group policies
Engineer secure edge and campus perimeters: Cisco FTD/Firepower policy design, NAT, VPN, IDS/IPS, SSL decryption strategy, and high availability
Architect SD WAN underlay/overlay: transport independence, application‑aware routing, DIA/Cloud on‑ramp, security integration, and multi‑region scale
Expert routing at scale: BGP (policy, route reflectors, communities), OSPF, EIGRP, ECMP, redistribution strategies, route filtering, summarization, and IPv6 planning
Drive modernization roadmaps: brownfield to SDA migration, hierarchical campus design, QoS, multicast, wireless controller (Catalyst 9800) alignment, and resiliency patterns
Requirements
Active CCIE (any track; Enterprise Infrastructure and/or Security strongly preferred)
10+ years enterprise networking experience, including 3‑5+ years leading SD Access architecture and deployment across multiple sites
Required experience: Telco/Carrier experience; MPLS (L2VPN/L3VPN/MPLS Lite/Tagging); DWDM; IP WAN and Routing (BGP/iBGP/eBGP/AS Networks); Cloud (AWS or Azure) networking expertise is a strong plus
Proven, exceptional hands‑on skills with Cisco routing/switching and Catalyst Center (formerly Cisco DNA Center) for SDA automation and assurance
Deep expertise with Cisco ISE (policy, 802.1X, SGT/TrustSec) and Cisco FTD (Firepower) firewalls (threat, access control, NAT/VPN, high availability)
Strong experience with Cisco SD WAN (design, policy/templating, security integration, operationalization)
Expert level knowledge of BGP, EIGRP, OSPF, redistribution, and route policy design for large enterprises
Demonstrated success leading complex, multi‑phase migrations and mentoring senior engineers
Preferred Qualifications
CCDE or dual CCIE; Cisco Certified Specialist certifications in SDA, ISE, or SD WAN
Automation fluency (Ansible, Python, Terraform), Git based workflows, and API integration with Catalyst Center/ISE/FTD/SD WAN
Wireless (Catalyst 9800/Prime/Catalyst Center Assurance), QoS strategy, multicast, NAC posture, and Zero Trust segmentation
Cloud networking (Azure/AWS), hybrid connectivity,
and DNS/DHCP/IPAM integration
Familiarity with data center and campus interconnect (e.g., ACI concepts beneficial but not required)
Benefits We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Equal Opportunity Employer Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
Seniority Level Associate
Employment Type Contract
Job Function Information Technology
Industries Telecommunications
#J-18808-Ljbffr