Architect and implement enterprise-scale cloud and HCI architectures, ensuring seamless connectivity between on-prem infrastructure (HyperFlex, VxRail) and Microsoft Azure via ExpressRoute, VPN Gateways, and Virtual WAN.
Serve as a strategic advisor to infrastructure, application, and security teams, aligning networking choices (latency, bandwidth, and topology) to business performance goals.
Define and maintain architectural blueprints for hybrid networking, including IP addressing schemes, routing protocols (BGP), and VNet/VPC peering standards.
Architect Active Directory and Azure AD for secure identity, while implementing Network Security Groups (NSGs), ASGs, and Azure Firewall to enforce micro-segmentation.
Lead migration efforts, transitioning legacy workloads to Azure, ensuring network integrity and minimal downtime during "lift and shift" or refactoring projects.
Evaluate and deploy HCI platforms, optimizing the underlying networking fabric (Cisco ACI or Dell SmartFabric) for maximum compute and storage throughput.
Implement disaster recovery strategies leveraging Azure Site Recovery and global load balancing (Traffic Manager, Front Door) to ensure high availability.
Collaborate with security teams to harden network entry points and enforce compliance (NIST, ISO 27001) through deep packet inspection and encrypted transit.
Lead cross-team design sessions and PoCs for emerging network technologies like Zero Trust Network Access (ZTNA) and SASE.
Requirements
10+ years of infrastructure, systems, or cloud architecture experience, including enterprise design leadership.
Advanced Networking Expertise: Deep understanding of TCP/IP, BGP, OSPF, and VLAN/VXLAN configuration.
Experience with SD-WAN providers and content delivery networks (CDNs).
Cloud Networking: Expert-level knowledge of Azure Networking (VNet, Azure Firewall, Front Door, Application Gateway, and Private Link).
HCI & Fabric Management: Expertise with hyperconverged platforms including Cisco HyperFlex and Dell VxRail, including the management of integrated switching fabrics.
Directory Services & DNS: Deep understanding of Windows Server, Active Directory, and enterprise-grade DNS/DHCP/IPAM (DDI) solutions.
Security & Zero Trust: Proficient in Azure AD, Conditional Access, and implementing Zero-Trust principles at the network layer (micro-segmentation and SASE).
Virtualization & SDN: Strong background in VMware vSphere/ESXi and Software-Defined Networking concepts (NSX-T or Azure Virtual WAN).
Automation: Experience with Infrastructure as Code (Bicep, Terraform, or Ansible) to automate network provisioning and security policy deployment.
Certifications: AZ-305, AZ-500, Cisco CCNP/CCIE (Enterprise or Data Center), VMware VCP, or TOGAF (preferred).
Soft Skills: Excellent verbal and written communication skills with the ability to influence senior leadership and stakeholders.