The organisation is a large public utility responsible for water infrastructure and operational sites, currently executing a network segregation and LAN modernisation programme. The role sits on the infrastructure team working on Cisco routing & switching and Extreme Networks platforms, with responsibilities spanning DNS/DHCP, Palo Alto firewall management via Panorama, and OT monitoring with Nozomi.
The mission
The project focuses on segregating corporate and operational technology networks and keeping the LAN inventory and data centre infrastructure up to date. The technical landscape combines Cisco layer 3 routing, Extreme OS switches and NAC, Palo Alto firewalls managed through Panorama, and SolarWinds for IPAM and monitoring. Work affects multiple sites and critical operational systems, and contributes to the organisation's compliance with ISO27001 and NIS2 requirements.
Day to day you will operate as a senior network engineer responsible for implementing and tuning the segregation design, maintaining the Extreme Networks estate, and configuring monitoring and alarm dashboards. Typical activities include programming switch configurations (LACP, MLAG, mirror ports), supporting second-line incidents, configuring Nozomi for OT monitoring and working on resilience and DRP hardware designs, while producing technical documentation for changes and baselines.
Your responsibilities
- Implement and validate network segregation changes to reduce cross-domain access and meet ISO27001 controls, delivering measurable access boundaries.
- Maintain and upgrade the Extreme Networks fleet, applying configuration standards, firmware updates and NAC policies to preserve operational stability.
- Remediate LAN security tickets including CVE-driven fixes on switches, Wi‑Fi controllers and NAC, and verify changes through testing and monitoring.
- Configure and operate Palo Alto firewalls using Panorama to enforce edge and segmentation policies, collaborate on firewall rule reviews and change implementations.
- Deploy and tune monitoring and IPAM in SolarWinds, build alarms and dashboards, and integrate mirror ports or span sessions for OT inspection tools.
- Configure Nozomi for OT visibility, support OT network resilience activities and assist in the DRP design and hardware implementation.
Your profile
Essential skills
- Proven experience as a senior network engineer in enterprise environments, delivering LAN and OT network projects.
- Strong hands-on expertise with Cisco Routing & Switching and routing protocols for L3 design and troubleshooting.
- Operational experience with Extreme OS, Extreme NAC and Extreme XIQ for switch programming, NAC policies and fleet maintenance.
- Practical knowledge of Palo Alto firewalls, Panorama management and firewall rule implementation.
- Familiarity with Nozomi for OT monitoring or similar OT security platforms, and with configuring mirror/span ports for traffic capture.
- Experience with DNS and DHCP operations, SolarWinds IPAM and monitoring configuration.
- Solid documentation skills, following technical change control and producing runbooks and design documentation.
- Understanding of ISO27001 controls and NIS2-relevant network security requirements.