Lead Network Engineer

Lead Network Engineer is required by a very prestigious, highly successful and global organisation.

PURPOSE OF THE JOB

You will be accountable for the design and ownership, and continuous improvement of the organisation's network solutions, ensuring secure, resilient, and high-performing connectivity across 1,000 sites and corporate environments. Responsible for leading the network engineering team, mentoring two network engineers, and managing the delivery and lifecycle of network technology and services. Vendor collaboration is a key part of this role as have partnered with various organisations to assist with the day-to-day operations.

JOB RESPONSIBILITIES

Network Solution Design & Authority

• Owner of network architecture and design, accountable for developing and maintaining scalable, secure, resilient, and innovative solutions that align with business and security requirements.
• Responsible for evaluating emerging technologies, driving adoption of best practices, and ensuring all network solutions are future-proof and cost-effective.

Team Leadership & Mentoring

• Lead, mentor, and develop a team of network engineers, managing their workload, performance, and professional growth.
• Allocate tasks, set priorities, and ensure the team delivers high-quality support and project outcomes within agreed SLAs.

Operational Excellence

• Accountable for the operational integrity of WAN, LAN, Wi-Fi, and cloud-based network services.
• Oversee incident response, troubleshooting, and root cause analysis for complex network issues, ensuring timely resolution and minimal business impact.
• Owner of network device configuration management, backup, and disaster recovery processes.

Security & Compliance

• Responsible for enforcing network security baselines, compliance with internal policies, and external standards (eg, ISO 27001, NIST CSF).
• Collaborate with the Security team on vulnerability management, incident response, and audit readiness.

Supplier & Stakeholder Management

• Act as the primary technical authority with network service providers and hardware vendors, accountable for SLA adherence, capacity planning, and service improvement.
• Coordinate change windows, communications, and post-change validation with business and IT stakeholders.

Documentation & Governance

• Owner of network documentation, including diagrams, inventories, runbooks, and change records.
• Contribute to architecture standards, design reviews, and continuous improvement initiatives.

On-call & Travel

• Participate in an on-call rota for major incidents and perform occasional travel to sites and data centers.

EDUCATION/CERTIFICATIONS

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent practical experience).
• Cisco CCNP or higher (or equivalent).
• Cloud networking certification (eg, Azure/AWS) highly desirable.
• Security certifications (eg, CompTIA Security+, CySA+, or SSCP) are advantageous.

EXPERIENCE

• Minimum 10 years' experience in enterprise network engineering, with proven team leadership and workload management responsibilities.
• Demonstrated experience in designing, implementing, and supporting SD-WAN, large-scale Wi-Fi, NAC, and Firewall solutions in hybrid (cloud/on-prem) environments.
• Experience in leading a small team of engineers, including resource planning.
• Track record of leading network changes in high-availability, mission-critical environments with minimal downtime.
• Experience collaborating with third-party vendors and suppliers to deliver critical services and oversee SLA compliance.

KNOWLEDGE AND EXPERTISE

• Routing & Switching: Expert knowledge of BGP, static routing, route redistribution. VLANs, trunking, STP variants, LACP/EtherChannel.
• Cloud & Modern IT: Significant knowledge of cloud networking principles including the design and configuration of services (Azure/AWS), including Express Routes, vNets, NGS's, routing tables, and security appliances.
• Networking Principles & Protocols: Expert understanding of network protocols and infrastructure such as TCP/IP, DNS, DHCP, 802.1x. SD-WAN, PKI, Radius, QoS, IP addressing and subnetting.
• Firewalls: Substantial understanding and experience of policy & object configuration, IPS/IDS, web filtering, application control, SSL inspection, VPN's, IPsec tunnels, HA clusters, segmentation, and NAT.
• Security Controls: Proven ability to implement, and maintain robust network security measures for infrastructure, users, and devices. Skilled in configuring security policies, logging and monitoring, and integrating advanced solutions such as IDS/IPS, NAC, and network segmentation.
• Management & Monitoring: Proficient with SNMP, syslog, SIEM, and network automation, capacity planning and monitoring tools including introducing such tooling.
• Threat Landscape: Deep understanding of common networking attack vectors and defense-in-depth strategies.
• Risk & Compliance: Board understanding of risk assessment methodologies, control frameworks (ISO 27001, NIST CSF, CIS Controls).

SKILLS

• Analytical & Detail-Oriented: Keen eye for anomalies; precise documentation and follow-through.
• Communication: Clear written and verbal communication-translating technical detail into business-friendly risk insights.
• Collaboration: Works well with Infrastructure, Application, and Business teams; influences without authority.
• Self-Motivation: Proactive ownership; drives tasks to completion with minimal supervision.
• Process Discipline: Organizes workload, meets deadlines, and adheres to SLAs and standards.
• Ethics & Confidentiality: Handles sensitive information with discretion and integrity.

Excellent training and career development opportunities exist for the right candidate.

Basic salary to £81,000 + excellent benefits

Based Woking in Surrey 2 days per week.

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent practical experience).
• Cisco CCNP or higher (or equivalent).
• Cloud networking certification (eg, Azure/AWS) highly desirable.
• Security certifications (eg, CompTIA Security+, CySA+, or SSCP) are advantageous., * Minimum 10 years' experience in enterprise network engineering, with proven team leadership and workload management responsibilities.
• Demonstrated experience in designing, implementing, and supporting SD-WAN, large-scale Wi-Fi, NAC, and Firewall solutions in hybrid (cloud/on-prem) environments.
• Experience in leading a small team of engineers, including resource planning.
• Track record of leading network changes in high-availability, mission-critical environments with minimal downtime.
• Experience collaborating with third-party vendors and suppliers to deliver critical services and oversee SLA compliance.

KNOWLEDGE AND EXPERTISE

• Routing & Switching: Expert knowledge of BGP, static routing, route redistribution. VLANs, trunking, STP variants, LACP/EtherChannel.
• Cloud & Modern IT: Significant knowledge of cloud networking principles including the design and configuration of services (Azure/AWS), including Express Routes, vNets, NGS's, routing tables, and security appliances.
• Networking Principles & Protocols: Expert understanding of network protocols and infrastructure such as TCP/IP, DNS, DHCP, 802.1x. SD-WAN, PKI, Radius, QoS, IP addressing and subnetting.
• Firewalls: Substantial understanding and experience of policy & object configuration, IPS/IDS, web filtering, application control, SSL inspection, VPN's, IPsec tunnels, HA clusters, segmentation, and NAT.
• Security Controls: Proven ability to implement, and maintain robust network security measures for infrastructure, users, and devices. Skilled in configuring security policies, logging and monitoring, and integrating advanced solutions such as IDS/IPS, NAC, and network segmentation.
• Management & Monitoring: Proficient with SNMP, syslog, SIEM, and network automation, capacity planning and monitoring tools including introducing such tooling.
• Threat Landscape: Deep understanding of common networking attack vectors and defense-in-depth strategies.
• Risk & Compliance: Board understanding of risk assessment methodologies, control frameworks (ISO 27001, NIST CSF, CIS Controls)., * Analytical & Detail-Oriented: Keen eye for anomalies; precise documentation and follow-through.
• Communication: Clear written and verbal communication-translating technical detail into business-friendly risk insights.
• Collaboration: Works well with Infrastructure, Application, and Business teams; influences without authority.
• Self-Motivation: Proactive ownership; drives tasks to completion with minimal supervision.
• Process Discipline: Organizes workload, meets deadlines, and adheres to SLAs and standards.
• Ethics & Confidentiality: Handles sensitive information with discretion and integrity.

Excellent training and career development opportunities exist for the right candidate.