Senior Network Architect/Engineer (Secure SD-WAN & IP/MPLS)

Job Description: Senior Network Architect/Engineer (Secure SD-WAN & IP/MPLS)Role SummaryWe are seeking a highly skilled and experienced Senior Network Architect/Engineer to lead the design, implementation, and operation of our next-generation secure Wide Area Network (WAN). This critical role requires deep, hands-on expertise in FortiGate Secure SD-WAN for distributed enterprise connectivity, coupled with an expert-level understanding of Nokia Service Router (SR) platforms and associated IP/MPLS routing technologies for our backbone or core network infrastructure. The role requires deep operational expertise in routing, traffic steering, SD-WAN overlay/underlay connectivity, and proactive fault detection in a 24x7 network operations environment. The engineer will ensure network stability, performance, and security through structured incident handling, service management, and coordination with OEM and internal engineering teams.Key ResponsibilitiesNetwork Design & Architecture: Design, plan, and optimize complex network topologies integrating FortiGate SD-WAN solutions with the core Nokia IP/MPLS network for seamless, secure, and high-performance connectivity.FortiGate SD-WAN Implementation: Lead the deployment, configuration, and management of FortiGate devices for SD-WAN, including Zero-Touch Provisioning (ZTP), advanced security policies (NGFW, UTM), dynamic path selection, and application steering.Nokia Routing Operations: Configure, maintain, and troubleshoot mission-critical Nokia Service Routers (e.g., 7750 SR, 7210 SAS), focusing on core routing protocols (BGP, OSPF, IS-IS) and advanced MPLS services (VPLS, VPRN, Segment Routing).Security Integration: Ensure a cohesive security posture by integrating FortiGate's security features with the wider network infrastructure, establishing secure VPNs (IPsec/SSL), and defining network segmentation.Troubleshooting & Resolution (Tier 3/4): Serve as the highest escalation point for complex, multi-vendor network and security incidents, diagnosing issues across both the FortiGate overlay and Nokia underlay networks.Documentation & Standards: Create and maintain high-quality documentation (HLD/LLD), operational runbooks, and configuration templates to ensure standardization and compliance.Core IP Network Operations: Administer and troubleshoot Nokia Router platforms (e.g., Service Routers) and related protocols (BGP, OSPF, MPLS, RSVP, LDP) essential for core Telco service delivery.Key Skills & ProficienciesFortinet SD-WAN & SecurityDeep Expertise in FortiOS: Mastery of FortiGate firewall and security features (NGFW, UTM, IPS, Web Filtering, Application Control).SD-WAN Fabric: Comprehensive knowledge of FortiGate SD-WAN architecture, including SD-WAN Rules, performance SLAs, and centralized management using FortiManager.Automation: Experience with Fortinet Fabric Connectors, automation stitches, and scripting for large-scale SD-WAN deployments.Analytics: Proficiency in utilizing FortiAnalyzer for log analysis, reporting, and proactive monitoring of security and network performance.Nokia IP Routing & MPLSService Router OS (SR OS): Expert-level configuration and troubleshooting on Nokia Service Router platforms.Core Routing: In-depth knowledge of BGP (IBGP/EBGP, Route Reflectors), OSPF/IS-IS, and routing policy/manipulation (route-maps, prefix-lists).MPLS & Services: Strong understanding and experience with MPLS, LDP, RSVP-TE, and Layer 2/Layer 3 VPN services (VPLS, VPRN).QoS (Quality of Service): Designing and implementing complex QoS policies for differentiated traffic handling across the Nokia core.General Network & Soft SkillsProtocols: Expert knowledge of TCP/IP, Ethernet, L2/L3 technologies, IPsec, and network virtualization concepts.Problem-Solving: Exceptional analytical and structured troubleshooting skills in a multi-vendor environment.Communication: Ability to clearly articulate complex technical issues and solutions to both technical and non-technical audiences.Recommended CertificationsCertifications from both Original Equipment Manufacturers (OEMs) are crucial to validate the dual expertise required for this role.VendorCertification LevelFocus FortinetFCSS - Network Security (SD-WAN)Fortinet Certified Solution Specialist. Validates expertise in complex FortiGate SD-WAN and advanced security.FCP - Network Security (NSE 4/5)Fortinet Certified Professional. Validates hands-on daily configuration and management.NokiaNRS II (Nokia Routing Specialist II)Focus on IP/MPLS and advanced router configuration. Highly recommended minimum.SRA (Service Routing Architect)The highest-level Nokia certification. Demonstrates expertise in designing, building, and supporting service provider networks and services. Highly desirable.NOC Management & Operations RequirementsThe candidate will be a key resource for the Network Operations Center (NOC), defining tools and processes for managing the combined environment.Centralized Management Tools:FortiManager/FortiAnalyzer: Must be able to leverage these tools for centralized configuration, policy rollout, and security event correlation across the SD-WAN estate.Nokia Network Management: Experience with Nokia's management tools (e.g., Network Services Platform - NSP) or similar carrier-grade platforms for fault, configuration, accounting, performance, and security (FCAPS).Proactive Monitoring & Alerting:Define and implement monitoring strategies for both SD-WAN overlay quality (latency, jitter, loss) and Nokia underlay health (interface status, CPU, memory, routing protocol peering).Integrate FortiGate/FortiAnalyzer and Nokia platform alarms with the centralized NOC ticketing and monitoring systems (e.g., Nagios, Zabbix, Splunk, ServiceNow).Incident & Change Management:Adhere to strict ITIL-based processes for managing high-risk changes on core Nokia routers and mass deployments/changes on the FortiGate SD-WAN fabric.Develop and manage Standard Operating Procedures (SOPs) for common Level 1/2/3 NOC tasks, enabling efficient first-line support.Automation Focus:Advocate for and implement automation solutions (e.g., Ansible, Python scripting) to reduce manual configuration errors and accelerate deployment/troubleshooting on both the Fortinet and Nokia platforms.Performance Reporting: Responsible for generating operational reports, tracking key performance indicators (KPIs) like availability and incident resolution times (MTTR), and presenting findings to management