Senior Infrastructure Engineer - ZTNA

The Chief Security Office (CSO) is a vital part of delivering the Group's vision of putting customers at the heart of everything we do, helping Britain prosper and protecting the Group and customers from security threats. We're responsible for defining and communicating Lloyds Banking Group's security strategy and providing a range of critical Enterprise Security Services which not only operate key controls that keep the Group safe but also enable the digital transformation agenda of the wider organisation.

The Senior Infrastructure Engineer is responsible for the design, build, operation, and continuous improvement of enterprise infrastructure platforms, with specialist accountability for Zero Trust Network Access (ZTNA). The role provides deep technical expertise, uplifts infrastructure security controls, and ensures resilient, secure access services across LBG's hybrid technology estate in alignment with CSO's engineering standards.

In addition, the Senior Infrastructure Engineer plays a key role in developing talent within the team, providing day-to-day technical coaching, mentoring junior engineers, and owning management responsibilities to support capability growth and performance development.

This role also acts as the 3rd-level engineering and operational escalation point for ZTNA services, requiring strong hands-on capability across desktop, server, and network configurations to diagnose and resolve complex issues.

What You'll Do:

Engineering & Delivery

• Design, implement, and maintain ZTNA services across hybrid environments in line with CSO's Edge Security architecture.
• Build secure, scalable, repeatable engineering patterns, including infrastructure-as-code, policy-as-code, and automated guardrails.
• Deliver resilient and high-performing infrastructure services aligned to engineering excellence principles.
• Provide hands-on troubleshooting and configuration support across end-user devices, server platforms, and network infrastructure.
• Contribute to engineering quality through peer review, collaboration, and support for team-wide engineering uplift.

Security, Risk & Controls

• Implement Zero Trust-aligned controls across identity, access, segmentation, and device trust models.
• Ensure regulatory, audit, and internal security standards are met through integrated monitoring, logging, and policy enforcement.

Platform Ownership

• Manage the end-to-end lifecycle of ZTNA platforms, including patching, hardening, configuration governance, and observability.
• Maintain operational documentation, architectural standards, and runbooks.
• Act as 3rd-line technical authority for deep-dive investigations, root cause analysis, and complex incident recovery.
• Support simplification and transformation initiatives, ensuring alignment of ZTNA capabilities with modernisation strategies.

Technical Leadership & People Development

• Serve as an authority for ZTNA and infrastructure security, providing structured mentoring, coaching, and technical guidance to junior and mid-level engineers.
• Champion capability uplift by creating learning artefacts, running knowledge-sharing sessions, and supporting learning pathways.
• Promote high-quality engineering practices and secure-by-design approaches across the team.
• Undertake line management responsibilities, including goal-setting, performance feedback, wellbeing support, and helping shape individual development plans.

Collaboration & Stakeholder Engagement

• Work closely with IAM Engineering, Security Engineering, Network Services, and Product teams to deliver integrated Zero Trust solutions.
• Engage with collaborators to ensure ZTNA services meet business, security, and operational needs., Our ambition is to be the leading UK business for diversity, equity and inclusion supporting our customers, colleagues and communities and we're committed to creating an environment in which everyone can thrive, learn and develop.

• Infrastructure Engineering - Experience delivering complex infrastructure and security services across hybrid environments.
• Network Security & Access Control - Proven capability in designing and implementing secure access control or network security solutions.
• Demonstrated experience providing 3rd-line support for enterprise security or network platforms, ideally including ZTNA.
• Infrastructure-as-Code, automation, scripting, CI/CD
• Observability, monitoring, diagnostics
• Security Control Design & Assurance
• Advanced troubleshooting - Hands-on experience configuring, troubleshooting, and securing desktop, server, and network environments.
• Technical Leadership & Mentoring - Experience mentoring, coaching, or developing junior engineers; line management experience is highly desirable.

Specialist Skills

• Zero Trust frameworks (identity-centric access, continuous verification, least privilege, device trust)
• ZTNA platforms and architectures supporting enterprise Zero Trust access models
• Network segmentation, policy enforcement, and SASE/SSE models
• Secure automation patterns and codified controls
• Deep technical knowledge of OS-level networking and endpoint posture controls

Behavioural Expectations

• Demonstrates ownership, accountability, and strong engineering judgment.
• Acts as a recognised expert and actively supports the development of colleagues through mentoring and guidance.
• Promotes an inclusive, collaborative engineering culture and a continuous improvement mentality.
• Role-models supportive leadership behaviours and encourages psychological safety within the engineering community.

We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer Initiative.

We offer reasonable workplace adjustments for colleagues with disabilities, including flexibility in office attendance, location and working patterns. And, as a Disability Confident Leader, we guarantee interviews for a fair and proportionate number of applicants who meet the minimum criteria for the role with a disability, long-term health or neurodivergent condition through the Disability Confident Scheme.

We provide reasonable adjustments throughout the recruitment process to reduce or remove barriers. Just let us know what you need.

We also offer a wide-ranging benefits package, which includes

• A generous pension contribution of up to 15%
• An annual bonus award, subject to Group performance
• Share schemes including free shares
• Benefits you can adapt to your lifestyle, such as discounted shopping
• 30 days' holiday, with bank holidays on top
• A range of wellbeing initiatives and generous parental leave policies

At Lloyds Banking Group, we're driven by a clear purpose; to help Britain prosper. Across the Group, our colleagues are focused on making a difference to customers, businesses and communities. With us you'll have a key role to play in shaping the financial services of the future, whilst the scale and reach of our Group means you'll have many opportunities to learn, grow and develop. We keep your data safe. So, we'll only ever ask you to provide confidential or sensitive information once you have formally been invited along to an interview or accepted a verbal offer to join us which is when we run our background checks. We'll always explain what we need and why, with any request coming from a trusted Lloyds Banking Group person. We're focused on creating a values-led culture and are committed to building a workforce which reflects the diversity of the customers and communities we serve. Together we're building a truly inclusive workplace where all of our colleagues have the opportunity to make a real difference.