Network Architect

Job Description

Job Description

Network Architect SME
Location: Washington, D.C. (Onsite, 5 days per week)
Clearance: Must be able to obtain a Public Trust (U.S. Citizenship required)
Salary Range: $165,111–$179,545

We are supporting the Department of Justice (DOJ CRM) with a critical need for an experienced Network Architect Subject Matter Expert (SME). This role will lead the design, integration, and optimization of secure, enterprise-scale networks for a federal environment.

The ideal candidate is an expert in enterprise networking, with deep knowledge of Cisco technologies, Palo Alto firewalls, and identity services. You will architect solutions, mentor engineers, and ensure compliance with federal standards.

Key Responsibilities

• Lead design, architecture, and implementation of enterprise LAN, WAN, WLAN, and data center networks.

• Integrate Cisco ISE with wired and wireless networks using 802.1X authentication (RADIUS/TACACS+).

• Architect and manage firewall ecosystems, including Palo Alto Panorama/NGFWs and Cisco ASA/Firepower.

• Implement advanced routing and switching (OSPF, BGP, VXLAN, BGP EVPN).

• Manage IPSec tunnels and secure integrations with the Justice Management Network (JUTNet).

• Oversee Catalyst Center (DNAC) integrations and streaming telemetry.

• Leverage monitoring tools (SolarWinds or equivalent) for analytics and troubleshooting.

• Define and enforce PKI/certificate management and Active Directory (LDAP/LDAPS) integrations.

• Maintain documentation, runbooks, and use NetBox as a source of truth.

• Mentor junior and senior engineers; act as an escalation point for complex issues.

• Align network operations with ITIL practices and federal compliance requirements.

Required Qualifications

• Bachelor's degree + 10 years of enterprise network experience, or 13+ years without degree.

• 15+ years total in enterprise network engineering/architecture.

• At least one of the following certifications: CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP, or equivalent.

• Expert proficiency with Cisco routing, switching, wireless, and ISE.

• Hands-on experience with Palo Alto Panorama, NGFWs, and Cisco ASA.

• Advanced knowledge of VXLAN, BGP EVPN, IPSec, RADIUS/TACACS+, PKI, and AD/LDAP.

• Strong experience with network monitoring/analytics tools (e.g., SolarWinds).

• Excellent communication skills and proven leadership/mentorship abilities.

Preferred

• ITIL v4 Foundation or higher.

• CCNP/CCIE Enterprise or Security.

• Palo Alto PCNSE.

• Knowledge of JUTNet and worldwide networking environments.