Overview:

Key Responsibilities

Cisco ACI & Data Center Networking
• Design, implement, and maintain Cisco Nexus platforms running ACI mode, including VRFs, Bridge

Domains, EPGs/ESGs, L3Out, contracts, and fabric policies.
• Integrate ACI with virtualization and container platforms including Red Hat OpenShift VMM and

Isovalent/Cilium.
• Configure and optimize RoCEv2 within the ACI fabric for high-performance, low-latency workloads.
• Conduct advanced troubleshooting of ACI fabric health, faults, endpoint learning, contracts, and

multi-tenant segmentation.
• Develop and maintain fabric documentation, standards, and operational procedures.

Cisco Catalyst & Software-Defined Access
• Deploy and support Cisco Catalyst platforms within campus environments.
• Design and maintain Software-Defined Access (SDA) architectures, including SDA Wired Fabric and

Fabric-Enabled Wireless.

2
• Manage fabric underlay and overlay, policy mapping, authentication integrations, and assurance

operations.
• Collaborate with wireless engineers to optimize coverage, performance, and policy enforcement

across SDA.

Identity-Driven Networking & Security Technologies
• Configure and administer Cisco Identity Services Engine (ISE) for TACACS+ device administration,

authentication and authorization policy sets, and endpoint profiling.
• Integrate Cyber Vision intelligence into profiling, segmentation, and access control workflows.
• Support Zero Trust efforts through identity-centric segmentation and policy integration across ACI

and SDA fabrics.

Visibility, Analytics & Observability
• Deploy and manage ThousandEyes for end-to-end visibility, routing path analysis, and performance

monitoring.
• Implement and support Cisco Cyber Vision for OT/IoT asset visibility, device classification, and

behavior analysis.
• Manage DNA Spaces for location analytics, telemetry ingestion, device behavior, and wireless

intelligence.
• Provide meaningful insights to leadership using data from these observability platforms.

Core Network Engineering
• Troubleshoot complex L2/L3 network issues across multiple environments including VLANs, OSPF,

BGP, STP, and multicast.
• Designing, and implementing Palo Alto Networks security solutions across enterprise environments.
• Create and maintain documentation including architecture diagrams, standards, runbooks, and

asset inventories.
• Assist in modernization planning, platform upgrades, procurement processes, and statewide

technology initiatives.

Other duties as assigned.

Required Skills/Experience

Provide the minimum required skills and/or experience the contractor must possess to qualify for this position. These

requirements will be transferred to the Score Sheet and candidates without these requirements reflected on their resume will

NOT be presented to the manager for consideration.

The DOR SME must possess:
• Minimum of 15 years of experience working with Cisco networking.

Required Skills & Qualifications
• Hands-on experience with Cisco ACI in production environments.
• Deep knowledge of ACI constructs (VRF, BD, EPG, ESG, L3Out, contracts).
• Experience integrating ACI with OpenShift VMM and Cilium/Isovalent.
• Proficiency with Cisco Catalyst platforms and SDA fabric technologies.
• Experience administering Cisco ISE including TACACS+ and policy-set based NAC.
• Strong understanding of ThousandEyes, Cyber Vision, and DNA Spaces or comparable tools.
• Solid command of core TCP/IP, routing, switching, QoS, and network security fundamentals.
• Ability to develop clear diagrams, documentation, and architectural artifacts.
• Strong analytical and communication skills with the ability to work in fast-paced, mission-critical environments.

Preferred/Not Required

Provide any skills/experience that would be helpful for the candidate to possess but not required. Examples: Previous supervisory

experience, WebLogic experience helpful, etc.
• Cisco certifications such as CCNP Data Center, CCNP Enterprise, CCIE, or equivalent experience.
• Hands-on experience with container networking and virtualization integrations.
• Familiarity with NIST frameworks and state-level cybersecurity requirements.
• Experience with network automation tools (Python, Ansible, REST APIs).
• Prior work in state government or large enterprise network environments.
• PCCSA - Palo Alto Networks Certified Cybersecurity Associate

Foundational security, NGFW basics, threats, App-ID, and policy.
• PCNSA - Palo Alto Networks Certified Network Security Administrator

Focuses on NGFW configuration, security profiles, NAT, App-ID, URL filtering, WildFire

Skills:

VRF,BD,EPG,ESG,L3Out,contracts