Principal Network Architect -CCIE

Talent Acquisition at Maven Companies Inc.

Own end to end SD Access architecture for large, multi site enterprises: fabric design (control/edge/border), transit options, segmentation (SGTs/TrustSec), identity policy, and integration with WAN and data center.

• Lead Catalyst Center–driven automation: design templates, SDA workflows, network assurance, SWIM, and closed loop operations aligned to reliability/SLOs.
• Design identity centric security with ISE: policy sets, authorization profiles, posture, PxGrid integrations, wired/wireless 802.1X/MAB, guest/BYOD, and scalable group policies.
• Engineer secure edge and campus perimeters: Cisco FTD/Firepower policy design, NAT, VPN, IDS/IPS, SSL decryption strategy, and high availability.
• Architect SD WAN underlay/overlay: transport independence, application aware routing, DIA/Cloud on ramp, security integration, and multi region scale.
• Expert routing at scale: BGP (policy, route reflectors, communities), OSPF, EIGRP, ECMP, redistribution strategies, route filtering, summarization, and IPv6 planning.
• Drive modernization roadmaps: brownfield to SDA migration, hierarchical campus design, QoS, multicast, wireless controller (Catalyst 9800) alignment, and resiliency patterns.
• Deliver hands on build and escalation leadership: lab validation, pilot, phased rollout, cutover plans, MOPs, change windows, and root cause analysis for P1/P2 incidents.
• Mentor and uplift engineering teams: design reviews, standards, runbooks, and enablement sessions for operations and field engineers.
• Stakeholder leadership: collaborate with security, EUC, cloud, and application teams; translate business outcomes into technical architectures and measurable milestones.
• Documentation & governance: HLD/LLD, as builts, standards, security exceptions, and compliance artifacts; contribute to reference architectures and reusable templates.

Required Qualifications (Must Have)

• Active CCIE (any track; Enterprise Infrastructure and/or Security strongly preferred).
• 10+ years enterprise networking experience, including 3–5+ years leading SD Access architecture and deployment across multiple sites.
• Proven, exceptional hands on skills with Cisco routing/switching and Catalyst Center (formerly Cisco DNA Center) for SDA automation and assurance.
• Deep expertise with Cisco ISE (policy, 802.1X, SGT/TrustSec) and Cisco FTD (Firepower) firewalls (threat, access control, NAT/VPN, high availability).
• Strong experience with Cisco SD WAN (design, policy/templating, security integration, operationalization).
• Expert level knowledge of BGP, EIGRP, OSPF, redistribution, and route policy design for large enterprises.
• Demonstrated success leading complex, multi phase migrations and mentoring senior engineers.

Preferred Qualifications

• CCDE or dual CCIE; Cisco Certified Specialist certifications in SDA, ISE, or SD WAN.
• Automation fluency (Ansible, Python, Terraform), Git based workflows, and API integration with Catalyst Center/ISE/FTD/SD WAN.
• Wireless (Catalyst 9800/Prime/Catalyst Center Assurance), QoS strategy, multicast, NAC posture, and Zero Trust segmentation.
• Cloud networking (Azure/AWS), hybrid connectivity, and DNS/DHCP/IPAM integration.
• Familiarity with data center and campus interconnect (e.g., ACI concepts beneficial but not required).

Location: Los Angeles, CA • Salary: $83,600.00–$143,556.00 • Posted: 2 weeks ago