Experience: 10+
Job Type: Full Time
English Level: B2
We are looking for a true “full-stack” architect who bridges the gap between traditional hardware and modern cloud-native practices.
Lead Hybrid Infrastructure Discovery: Rapidly assess the current state of the client’s key technology domains, including:
Core Infrastructure (Servers, WAN/LAN, WiFi, Firewalls, Data Centers)
Cloud Infrastructure (CDN, Multi-Cloud Networking, Managed Control Planes)
Infrastructure Insights (AIOps, FinOps, Policy & Compliance)
ITC Infrastructure (Composable Infrastructure, Image Management)
Design the “IaC-First” Framework: Architect the high-level target state, focusing on a unified IaC workflow (e.g., GitOps) for provisioning and managing all infrastructure.
Define the Source of Truth (SoT): Propose a strategy for a unified Source of Truth (like NetBox, mentioned in Core Infrastructure.jpg) to drive network and system automation.
Architect Governance & Guardrails: Design the “as-code” framework for governance, including:
Policy as Code (PaC) (e.g., OPA, Sentinel) to enforce compliance and security standards.
FinOps & Cost Management (e.g., mandatory tagging, cost estimation in CI/CD).
Monitoring & AIOps as Code (e.g., declarative dashboards and alerts).
Design Composable Infrastructure Patterns: Define a strategy for creating “composable”, reusable, self-service infrastructure blocks (e.g., Terraform Modules, Crossplane compositions) and a “golden image” management pipeline (e.g., Packer).
Deliver the Strategic Roadmap: Present your findings, architectural blueprint, tool recommendations, and a phased execution plan to senior leadership. This roadmap will be the foundational guide for the new engineering team.
Architectural & Strategic Leadership
10+ years in infrastructure, with 5+ years in a Principal, Network Architect, or Solutions Architect role within large-scale global environments.
Proven experience leading enterprise network modernization and hybrid environment transformations.
Ability to define end-to-end target architectures across networking, cloud, compute, and governance domains.
Infrastructure as Code (IaC) & Automation Mastery (Non-Negotiable)
Expert proficiency in Python for automation, APIs, and network script orchestration.
Mastery of declarative IaC tools (Terraform, Ansible) for cloud and physical networking equipment.
Deep hands-on experience implementing Policy as Code (OPA, Sentinel).
Experience with Image as Code (Packer) and Monitoring as Code practices.
Enterprise Network Architecture Expertise
Deep understanding of Layer 2–7 networking, including routing architectures, switching, segmentation, QoS, multicast design, and high-availability patterns.
Expertise designing scalable WAN/LAN architectures, including MPLS, SD-WAN, and hybrid WAN topologies.
Strong background in data center network architectures (leaf–spine, EVPN/VXLAN, VRFs, fabric automation).
Network Automation & Modernization
Hands-on experience creating automated pipelines for network configuration, validation, compliance, and drift detection.
Experience building network abstraction layers and intent-based architectures.
Familiarity with NAPALM, NETCONF/YANG, RESTCONF, gNMI, or vendor automation frameworks (Cisco NSO, Arista CloudVision, Juniper Contrail).
Security & Zero-Trust Networking
Strong understanding of enterprise security frameworks: Zero Trust, micro-segmentation, identity-based access control.
Experience designing firewalling strategies across multi-cloud and on-prem (Palo Alto, Cisco ASA/FTD, Fortinet).
Ability to architect global VPN, remote access, and secure edge solutions.
Multi-Cloud & Hybrid Network Architecture
Expert knowledge of cloud networking primitives: VPC/VNET design, routing tables, peering, Transit Gateway, Direct Connect/ExpressRoute.
Experience designing multi-cloud connectivity patterns (cloud-to-cloud, on-prem-to-cloud, hub-and-spoke, global mesh).
Experience with cloud load balancing, DNS architectures, and traffic steering across providers.
DNS, IPAM, SoT & Network Governance
Hands-on experience designing and automating DNS/IPAM (Infoblox, BlueCat) in hybrid environments.
Ability to define and maintain a network Source of Truth (NetBox, Nautobot) integrated with GitOps workflows.
Experience implementing guardrails for configuration compliance, policy enforcement, and auditability.
Hybrid & Multi-Cloud Expertise
Experience with cloud account/subscription governance (AWS Organizations, Azure Landing Zones).
Experience with CDN-as-Code and backup/recovery automation.
Business & Platform Acumen
Strong understanding of FinOps and cost governance in hybrid environments.
Ability to communicate architecture vision to business and technical stakeholders.
Experience driving culture shift from ticket-based operations to Git-based platform engineering.