We’re looking for a hands-on Azure Network Engineer to help design, maintain, and uplift the corporate cloud network for an enterprise financial institution operating in a highly regulated (APRA) environment. You’ll own the Azure networking foundations — hub-and-spoke, ExpressRoute, VPN/site-to-site connectivity, firewalls, and zero-trust controls — and deliver every change as code through Terraform.
This is a networking-first role for someone who enjoys building secure, compliant, automated infrastructure and partnering closely with security, platform, and application engineering teams. Experience with application DevOps, AWS, Kubernetes, and CI/CD pipelines is a welcome bonus, but the core of this role is Azure networking done well, safely, and at scale.
- Azure Network Design & Delivery: Design, build, and uplift enterprise Azure networking: hub-and-spoke topologies, ExpressRoute, site-to-site and point-to-site VPN, Azure Firewall, NSGs/ASGs, UDRs, DNS, and load balancing.
- Infrastructure as Code: Deliver and manage all network infrastructure and firewall/policy changes through Terraform, with peer-reviewed, version-controlled, automated pipelines.
- Security & Zero Trust: Implement and maintain zero-trust network architecture, micro-segmentation, and secure perimeter controls; partner with the security team on firewall request workflows and policy uplift.
- Compliance & Governance: Ensure all network changes meet the security, governance, and audit requirements expected in a regulated banking environment, using Azure Policy (definitions, initiatives, and automated remediation), management groups, and RBAC to enforce guardrails as code and maintain continuous compliance.
- Maintain & Operate: Provide hands-on BAU support, troubleshooting, and incident response for the corporate cloud network; participate in an on-call roster for critical systems.
- Collaboration: Work closely with security, platform engineering, and application teams to embed secure-by-design networking and enable their workloads.
- Azure Networking (core): Strong hands-on experience with hub-and-spoke, ExpressRoute, VPN/site-to-site, Azure Firewall, NSGs/UDRs, DNS, and load balancing.
- Infrastructure as Code: Hands-on experience with Azure Policy, initiatives, and RBAC to enforce network and security guardrails, plus familiarity with Azure Landing Zone / Cloud Adoption Framework patterns.
- Security & Compliance: Solid grounding in network security, zero trust, and working within regulated/compliance-driven constraints (banking or other APRA/finance environments preferred).
- Corporate Networking Fundamentals: Firewalls, VPNs, routing, segmentation, and enterprise connectivity; strong diagnostic and troubleshooting skills.
- CI/CD & Automation: Experience integrating infrastructure changes into CI/CD pipelines and scripting (PowerShell/Python/Bash) to reduce manual effort.
- Delivery Approach: Able to deliver bank-grade quality with a pragmatic, get-it-done mindset.
- Application DevOps experience and exposure to AWS networking/services.
- Kubernetes (AKS/EKS) and container networking.
- GitOps and CI/CD tooling such as ArgoCD and/or Jenkins.
- Zscaler (ZIA/ZPA) or other SASE/secure web gateway experience.
- A collaborative, engineering-led culture with a strong focus on quality and outcomes
- Opportunities to contribute to meaningful platform initiatives and shape technical direction
- Competitive compensation
- The opportunity to work on complex, large scale systems alongside senior technologists.
