Design hybrid network architectures across datacenter, private cloud (VMware), and public cloud (AWS/Azure/GCP), including L2/L3 segmentation, routing domains/VRFs, overlays, and interconnect.
Define and implement SDN architectures (e.g., VMware NSX-T) including micro-segmentation, DFW policies, T0/T1 routing, NAT, Load Balancing (L4–L7), and edge services.
Architect multi-site solutions: EVPN/VXLAN fabrics, DC interconnect, cloud on-ramps, and zero-downtime migration patterns (e.g., HCX).
Design hybrid connectivity: Direct Connect / ExpressRoute, site-to-site VPN, SD-WAN (e.g., VMware VeloCloud), and BGP-based redundancy.
Implement NSX-T components (Managers, Edges, Transport Zones, Segment profiles), overlay networks (VXLAN/GENEVE), Tier-0/Tier-1 routing, and micro-seg rules.
Configure and maintain datacenter switching (Cisco NX-OS, ACI; Arista EOS; Juniper) including BGP/OSPF/IS-IS, EVPN, MLAG/vPC, QoS, SPT, MST.
Integrate identity and access (e.g., Entra ID/Azure AD, Okta, AWS IAM) with network policies (zero trust, group-based policy, NAC/802.1X where applicable).
Support VMware vSphere (ESXi, vCenter), physical-to-virtual networking mapping, and L4–L7 services (Palo Alto / Check Point / F5 BIG‑IP / NGINX).
Build and maintain cloud networking: VPC/VNet design, subnetting, IGW/NATGW, peering, Transit Gateway/Hub-Spoke, NACLs/NSGs/Security Groups, private endpoints, and Kubernetes (CNI) networking.
Automate with Terraform, Ansible, and scripts (Python, PowerShell); manage configuration via Git and CI/CD.
Troubleshoot complex packet flow issues using Traceflow, vRNI/Aria Ops for Networks, pcap/Wireshark, NetFlow/IPFIX, and cloud-native tools.
Define and enforce micro-segmentation and zero-trust network access; partner with security for policy definition (app identity, tags, security posture).

Requirements

10+ years architecting and operating enterprise/hyperscale networks across datacenter and cloud.
Deep VMware networking: NSX‑T (overlay networking, Tier‑0/Tier‑1, DFW micro-segmentation, NAT, LB, Edge clusters, Federation/site DR).
vSphere networking (VDS, port groups, teaming/policies) and physical-to-virtual integration patterns.
Routing & Switching: Protocol expertise: BGP, OSPF, EVPN, VRF, ECMP, Anycast, IGP/BFD, Multicast (nice to have), MPLS (awareness).
Datacenter switching: Cisco (NX‑OS/ACI), Arista EOS, or Juniper at scale.
Overlays & SDN: VXLAN/GENEVE, VTEPs, route reflectors, fabric underlay/overlay separation, SDN control-plane concepts.
Strong hands-on expertise in SDN & Overlay Protocols: Deep knowledge of VxLAN, EVPN, STP, LACP, vPC/MLAG and OSF/BGP, ACLs for building the scalable fabric that securely connects Private cloud infrastructure stack and platform and external environments
Cloud Networking (one or more): AWS: VPC, TGW, DX, PrivateLink, Route 53, GWLB, NLB/ALB, Security Groups/NACLs.
Azure: VNet, vWAN/Hub-Spoke, ER, Private Link, Azure Firewall, App GW, NSGs/UDRs, Route Server.
GCP: VPC, Shared VPC, Cloud Router, Interconnect, Private Service Connect, GLB.
Security & IAM: micro-segmentation frameworks, network security policies, IAM fundamentals (Azure AD/Entra, AWS IAM, Okta), RBAC.
Automation & IaC: Terraform, Ansible, Git, and scripting (Python or PowerShell) for repeatable network builds and policy as code.
Troubleshooting: Expert packet and control-plane debugging; able to isolate underlay/overlay issues, asymmetric routing, MTU/fragmentation, ECMP/blackhole, and cloud egress nuances.

Benefits

Health & Wellbeing
Personal & Professional Development
Unconditional Inclusion

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

VMware NSX-TBGPOSPFEVPNVXLANTerraformAnsiblePythonPowerShellSD-WAN

Soft Skills

troubleshootingcollaborationproblem-solvingcommunicationleadership