Network Service Delivery Principal

We are seeking a visionary and highly technical Network Principal to lead the strategic design, evolution, and governance of NESO' network infrastructure. While our Network Engineers focus on implementation and operations, this role defines the blueprint they build from.

You will bridge the gap between business strategy and technical execution, architecting scalable, automated, and secure network solutions across LAN, WAN (including SD-WAN), cloud (AWS/Azure), and data center environments. You will drive the adoption of Network DevOps and Infrastructure as Code principles at an architectural level, partnering with our MSP, ensuring our network is not just stable, but programmable and resilient. This role requires a deep understanding of both traditional networking and modern automation paradigms, mentoring engineering teams, and providing technical direction to senior management.

• Define and govern the overarching architectural framework for NESO's network, including LAN, WAN (with SD-WAN), cloud platforms (AWS/Azure), and data center environments.
• Translate business objectives into actionable network designs, establishing clear architectural standards, roadmaps, and best practices.
• Network Principal scalable, automated, and secure network solutions that underpin NESO's operational and strategic ambitions.
• Collaborate closely with cloud, infrastructure, and application teams, as well as external partners, to integrate network architectures seamlessly across hybrid and cloud environments.
• Drive the adoption of Network DevOps and Infrastructure as Code principles, enhancing the programmability, efficiency, and resilience of network operations.
• Mentor and guide engineering teams, provide technical leadership and foster a culture of continuous learning and professional growth.
• Serve as a technical authority, advising stakeholders on network architecture, emerging technologies, and industry best practices.

This position is distinguished by its strategic focus and technical leadership, empowering engineering teams to deliver robust solutions, elevating technical standards, and shaping NESO's network architecture vision for the future., * Own the end-to-end network security architecture for NESO, ensuring robust protection across on-premises, cloud, and hybrid environments.

• Design, document, and govern secure network segmentation strategies, including Zero Trust models, next-generation firewall frameworks, and secure connectivity solutions such as Direct Connect, and Transit Gateway currently delivered by ZScaler
• Develop and maintain a comprehensive 12-24 month technology roadmap for network security, prioritizing automation, orchestration, and integration with the NESO Digital Strategic ecosystem to enhance operational efficiency and resilience.
• Define, publish, and enforce enterprise-wide network security standards, conducting regular architectural reviews to ensure alignment with business objectives, regulatory requirements, and industry best practices.
• Serve as the highest escalation point for complex network security incidents, analyzing network packet captures and logs to design and implement permanent solutions that address root causes and strengthen the overall security posture.
• Continuously research emerging network security threats, vulnerabilities, and industry trends, recommending architectural innovations to proactively address evolving risks.
• Design and review cloud security architectures, collaborating with cloud teams to ensure secure integration and governance across public, private, and hybrid cloud platforms.
• Provide technical mentorship and guidance to engineering and operations teams, promoting professional growth, knowledge sharing, and adherence to NESO's network security vision and standards.

• 8+ years of experience in network engineering, with at least 3+ years in a dedicated Network Principal or Lead role designing global, enterprise-scale networks.
• Proven ability to see the "big picture" and design holistic solutions that balance performance, security, cost, and automation. You don't just configure switches; you design the fabric they operate within.
• Expert-Level Technical Knowledge:

• Deep expertise in routing and switching protocols (BGP, OSPF, VXLAN, MPLS) and network fundamentals (TCP/IP, UDP, DNS, DHCP).
• Advanced knowledge of enterprise network stacks: Cisco (routers/switches/WiFi), Firewalls, load balancers (F5/others), and SD-WAN technologies.
• Strong understanding of Cloud Networking in AWS/Azure (VPCs, Transit Gateway, PrivateLink, Direct Connect, Security Groups, NAT, Cloud WAN).
• Mastery of network monitoring, observability, and IPAM tools at scale.

• Network DevOps & Automation:

• Proven experience architecting and implementing Infrastructure as Code (IaC) for networking (Terraform, CloudFormation, Ansible).
• Understanding of CI/CD pipelines, version control (Git), and automated testing for network configurations.
• Ability to design systems that are scalable, automated, and well-documented against coding standards.

• Certifications (Highly Desirable):

• Network Principal Level: TOGAF, SABSA, or CISSP-ISSAP.
• Vendor Professional/Expert: CCNP/CCDE or CCIE (Cisco), PCNSE (Palo Alto), NSE 7/8 (Fortinet)
• DevOps: AWS/Azure Solutions Network Principal Professional, or HashiCorp certifications.

• Exceptional ability to create clear architectural diagrams (Visio/Lucid) and presentations for consumption by engineering teams, peers, and senior management. You can explain a BGP path selection issue to an engineer and a business risk to a director.
• Deep understanding of ITIL concepts within an Agile, process-driven environment. A "no-blame" mindset focused on continuous improvement and preventing future incidents through architectural automation. Highly self-motivated with a passion for learning.