Locations: Cambridge, Macclesfield, Luton (UK)
Working model: Hybrid / Onsite as required
The Role
We are seeking a hands-on Cloud Network Engineer with strong AWS networking and DevOps experience to design, build, and automate large-scale cloud networking platforms across complex enterprise environments.
This role is firmly delivery-focused. You will be expected to work at a practical, implementation level, owning AWS networking and automation day to day, not just producing designs.
You’ll play a key role in delivering cloud-native, automation-led network solutions, enabling secure, scalable platforms across multi-account and hybrid estates.
What You’ll Be Doing
* Design, build, and operate AWS networking services in production environments
* Implement multi-account AWS networking, including:
* VPC design and segmentation
* PrivateLink and routing strategies
* Own low-level implementation details, not just high-level architecture
* Contribute to architecture governance with practical, buildable designs
* Deliver hands‑on hybrid connectivity between AWS and on‑prem / enterprise networks
* Implement and operate:
* AWS Direct Connect (VIFs, LAGs, resiliency)
* IPSec VPNs and BGP-based routing
* Hybrid DNS solutions
* Troubleshoot real‑world routing and connectivity issues in production
DevOps, Automation & Infrastructure as Code (Core to the Role)
* Build and maintain network automation using:
* Terraform (primary) and/or CloudFormation
* APIs and scripting
* Operate CI/CD pipelines for network and IaC changes using GitHub (or equivalent)
* Use Git as the system of record for all network changes
* Implement:
* Code reviews and branching strategies
* Automated testing and validation
* Security scanning and compliance gates
* Integrate automation into operational processes (change, documentation, CMDB)
This role requires proven, hands‑on DevOps experience not just familiarity.
Security & Zero Trust Networking
* Implement AWS-native security controls and segmentation patterns
* Design and operate:
* Centralised egress and inspection
* Cloud firewalls and traffic steering
* Work with identity‑aware and posture‑based access models
* Exposure to Zscaler ZIA/ZPA or similar secure service edge solutions is highly desirable
Operational Delivery & Onsite Work
* Support the transition of automated platforms into live operations
* Embed observability and logging (flow logs, monitoring, SIEM integration)
* Participate in change windows and stakeholder communications
* When required:
* Perform onsite network installs and cutovers
* Support racking, cabling, staging, testing, and troubleshooting
* Strong, hands‑on AWS networking experience in production environments
* Demonstrable delivery of:
* VPCs, Transit Gateway, routing, and segmentation
* Direct Connect and hybrid connectivity
* Proven DevOps capability, including:
* Terraform (or equivalent IaC)
* CI/CD pipelines for infrastructure and networking
* Git‑based workflows and code reviews
* Solid understanding of:
* Routing, TCP/IP, BGP
* Network security fundamentals
* Comfortable working at low‑level technical detail, not just conceptual design
* Clear communicator able to explain complex technical decisions
* Advanced Transit Gateway and routing patterns
* Gateway Load Balancer, traffic inspection patterns
* Financial services, regulated, or large‑scale enterprise environments
Certifications (Strongly Preferred)
* AWS Advanced Networking – Specialty
* AWS Solutions Architect – Professional
* AWS DevOps Engineer or Security certifications
* Network or cloud security certifications (e.g. CISSP, Zscaler, GIAC)
Travel & Onsite Requirements
* Willingness to travel (up to ~25%, project dependent)
* Comfortable working onsite for critical delivery activities
* Happy to be hands‑on with physical network tasks when required
#J-18808-Ljbffr