Cognizant is hiring a Network Architect

Cognizant is looking for a Senior Network Architect with deep expertise in enterprise and data center networking. You will lead end-to-end architecture, including design, roadmap, migration strategy, implementation oversight, operational readiness, and security compliance, ensuring scalable and resilient connectivity for business-critical environments.

What You'll Do

• Own high-level and low-level network designs (HLD/LLD) for campus, WAN, and data center environments.
• Define network standards, reference architectures, and reusable patterns for routing, switching, segmentation, and security.
• Lead technology selection, capacity planning, and performance engineering for large-scale networks.
• Architect and govern Cisco R&S including OSPF/BGP/EIGRP, route redistribution, VRF, QoS, multicast, and high availability.
• Design and implement Cisco Nexus based DC fabrics (vPC, VDC, VXLAN EVPN).
• Drive resilient DC connectivity patterns (ECMP, redundant uplinks, dual-homing, spine-leaf designs).
• Design and govern Cisco ACI fabric architecture: tenants, VRFs, bridge domains, EPGs, contracts, L4-L7 service insertion.
• Build and manage ACI policies, micro-segmentation, and integration with external networks, firewalls, and load balancers.
• Support ACI upgrades, migrations, and operationalization best practices.
• Architect and oversee Cisco SD-WAN deployments (policy design, segmentation, app-aware routing, DIA, ZTP).
• Define WAN transformation strategies: MPLS to broadband/DIA, dual ISP, resilience patterns, and centralized security integration.
• Architect perimeter and internal security controls using Cisco FTD (FMC policies, ACP, NAT, IPS, SSL decryption, VPN).
• Design and implement Palo Alto security solutions: security policy, NAT, routing, zones, App-ID, User-ID, URL filtering, IPS/Threat prevention.
• Own firewall rule governance: standards, review, recertification, and audit alignment.
• Design secure site-to-site and remote access VPNs, segmentation, and zero-trust aligned controls.
• Design hybrid connectivity: ExpressRoute, VPN, Transit Gateway, VPC/VNet peering, hub-spoke architectures.
• Define cloud network segmentation, routing, DNS, and firewalling patterns for secure connectivity.
• Partner with cloud/security teams to ensure architecture aligns with landing zones, compliance, and security baselines.
• Lead technical workshops with customers, application teams, and security teams.
• Provide guidance to implementation teams; review configs and change plans; drive production readiness and cutover governance.
• Create and maintain architecture artifacts: HLD/LLD, SOPs, runbooks, test plans, and rollback procedures.
• Participate in incident/problem management: RCA, preventive actions, automation opportunities.

What We're Looking For

• Expertise in Cisco Routing & Switching: OSPF, BGP, HSRP/VRRP, STP, LACP, QoS, NAT, IPv4/IPv6.
• Hands-on experience with Cisco Nexus: vPC, fabric design principles, data center operations.
• Deep knowledge of Cisco ACI: APIC, tenants/VRF/BD/EPG/contracts, L4-L7 integration, troubleshooting.
• Experience with Cisco SD-WAN: vManage/vBond/vSmart concepts, policy framework, segmentation, app routing.
• Proficiency with Cisco FTD / Firepower with FMC: access control policies, NAT, IPS, VPN, upgrades and troubleshooting.
• Skills with Palo Alto: security policy, NAT, zones, routing, threat prevention, operational governance.
• Exposure to Azure & AWS networking: VNet/VPC design, routing, peering, gateways, hub-spoke, TGW, cloud security integration.
• Experience with hybrid connectivity design patterns and operational troubleshooting.
• Ability to create HLD/LLD documents, conduct architecture reviews, and produce technical documentation.
• Strong troubleshooting and RCA skills across LAN/WAN/DC/Firewall/Cloud.
• Excellent communication and stakeholder management skills.

Nice to Have

• Automation skills: Ansible, Python, Terraform, CI/CD for network.
• Monitoring/Telemetry experience: SNMP/NetFlow/sFlow, Syslog, Splunk, ThousandEyes, SolarWinds, Cisco DNA Center.
• Familiarity with Load Balancers / ADC: F5, Citrix Netscaler, or equivalents.
• SASE / ZTNA exposure.
• ITIL processes, change management, service transition.
• Certifications: CCNP / CCIE (Enterprise / DC / Security), Cisco ACI certification, PCNSE (Palo Alto), Azure (AZ-700) and/or AWS Advanced Networking – Specialty.

Technical Stack

• Cisco ACI
• Cisco Routing and Switches
• PaloAlto firewall
• Cisco FTD Firewall
• Azure Infra
• Cisco Nexus
• Cisco SD-WAN
• AWS

Benefits & Compensation

• Medical/Dental/Vision/Life Insurance
• Paid holidays plus Paid Time Off
• 401(k) plan and contributions
• Long-term/Short-term Disability
• Paid Parental Leave
• Employee Stock Purchase Plan

Work Mode

This role is a local-city position in Dallas, Texas.

Cognizant is an equal opportunity employer.