Location: London

Description

Work for an organisation steeped in history with a front row seat for the digitalisation of the financial sector, and the rise of fintech and regtech. A core organisational strength, with our people at our centre, Technology enables the Bank of England to deliver its mission by providing a diverse set of technical solutions and platforms. From supporting critical systems which underpin the UK economy, to evolving data analytics, reinventing our online presence, and introducing a fully digital workplace. Be part of a team thats constantly evolving, just like our industry.

We take pride in our people, with backgrounds and experiences as diverse as the solutions they provide. Youll enjoy flexible working opportunities, a strong sense of community and well-being, and a collective mission to promote the good of the people of the UK. All of which add up to make the Bank a hugely rewarding place to work.

Role Requirements

Experience level: You should be able to deliver routine operational tasks and standard changes with minimal supervision, follow change control rigorously, and know when to escalate for risk, complexity, or service impact.

As a Network Engineer you will operate and improve the network and security platforms within the CNI environment, with a primary focus on Cisco ACI, Cisco Firepower, and VMware NSX. You will take ownership of day-to-day BAU activities and deliver standard changes safely, while partnering with senior engineers on complex design, high-risk changes, and major incidents.

You will collaborate with colleagues and partner teams to resolve incidents and problems, complete service requests, and deliver changes following agreed processes and change controls. You will provide clear updates, produce evidence-based troubleshooting, and contribute to continuous improvement of runbooks and operational practices.

You will install, configure and patch network and security appliances used within the CNI platform, executing routine maintenance activities independently and escalating appropriately for complex changes. You will ensure changes are documented, tested, and validated end-to-end.

As a secondary task you may support other areas of the CNI platform with networking and security connectivity requirements, troubleshooting and implementation activities, helping ensure services integrate securely and reliably.

You will be expected to develop your skills across the services the team provides, share knowledge with peers, and support junior colleagues through pairing and guidance. You will also be encouraged to contribute to automation and standardization to improve service reliability and reduce manual effort.

The role will require you to participate in an out-of-hours support rota and to work out-of-hours for planned changes/maintenance as needed and agreed in advance.

The Bank allows flexible working and Work-from-Home. You will be expected to attend one of the Banks offices in either London or Leeds for a minimum of 50% of working hours over the period of a month. Ad-Hoc, flexible arrangements outside of these requirements may be accommodated, depending on circumstances.

Example responsibilities

• Own triage and technical investigation of incidents and alerts; drive initial diagnosis through to restoration, escalating with clear evidence where needed (logs, captures, timelines).

• Operate Cisco ACI day-to-day (health/fault analysis, endpoint reachability troubleshooting, assisting with policy changes and validation).

• Operate Cisco Firepower (monitoring, implementing and validating rule changes, troubleshooting connectivity and security policy behaviour).

• Operate VMware NSX (support logical networking and security, troubleshoot data-path/control-plane issues at a practical level, deliver standard changes).

• Deliver standard changes end-to-end (peer review, back-out planning, implementation, post-change validation) and contribute to risk assessment for higher-impact changes.

• Plan and execute routine patching/upgrades and maintenance windows; capture outcomes, lessons learned and follow-up actions.

• Maintain and improve documentation: runbooks, diagrams, build notes, asset/port records; identify gaps and keep content audit-ready.

• Support service requests such as connectivity checks, firewall policy assessments, segment/VLAN queries, and troubleshooting for application teams; provide clear stakeholder updates.

• Carry out hardware activities when required (racking, stacking, cabling, labelling, device bring-up) following standards and ensuring accurate records.

• Participate fully in an on-call / out-of-hours rota, supporting incident response, restoration, and post-incident actions.

Day in the life of a Network Engineer

A typical day blends operational support, planned change delivery, and collaboration with platform and application teams. Priorities can shift quickly during incidents or major maintenance windows.

• Start of day checks: review monitoring/alerts, overnight incidents, and any planned maintenance outcomes; pick up handover notes from the on-call engineer.

• Daily stand-up: share priorities, active incidents/problems, key risks, and planned changes; agree ownership and next actions.

• Ticket and request triage: work the queue (incidents/service requests), gather evidence, run diagnostics, and coordinate with other resolver groups as needed.

• Collaboration time: pair with platform/application teams to troubleshoot connectivity and security flows (e.g., ACI endpoint reachability, firewall policy behaviour, NSX segments), and agree next steps.

• Change preparation: build/validate implementation plans and back-out steps, complete risk/impact assessments, update diagrams/runbooks, and line up peer reviews.

• Change meetings (e.g., change review / CAB): present upcoming changes, answer impact/risk questions, confirm scheduling, dependencies, and comms.

• Planned implementation: execute standard changes during agreed windows, perform pre/post checks, capture evidence, and update stakeholders.

• Documentation and continuous improvement: update knowledge articles/runbooks, refine monitoring thresholds, and identify automation opportunities to remove repeat manual tasks.

• End-of-day wrap-up: hand over unfinished work, document current status/risks, and support on-call transition when required.

Minimum Criteria

Demonstrable hands-on experience supporting enterprise network and/or security platforms in production (or equivalent demonstrable experience).

Practical operational experience in:

• Cisco ACI (fault/health triage, endpoint reachability, policy troubleshooting and safe implementation of standard changes)

• Cisco Firepower (monitoring, implementing firewall policy changes, troubleshooting and validation)

• VMware NSX (core logical networking/security, operational troubleshooting, delivering standard changes)

Strong fundamentals and troubleshooting skills:

• TCP/IP, subnetting, routing and switching concepts

• DNS/DHCP and practical troubleshooting (packet capture, logs, structured fault finding)

• Security principles (least privilege, firewall policy intent, segmentation, change hygiene)

Essential Criteria

Desirable Skill and Experience requirements (nice to haves)

• Demonstrable automation / Infrastructure as Code experience in production (e.g. Ansible, Terraform, Python), including writing or maintaining playbooks/scripts and using version control (e.g. Git).

• Operational experience with Checkpoint firewalls (policy changes, troubleshooting, and supporting upgrades/maintenance windows).

• Operational experience with F5 load balancers (VIP/pool changes, troubleshooting, and supporting upgrades/maintenance windows).

• Hands-on experience installing, racking and cabling network/security hardware in data centres, working to standards for labelling, patching, and asset/port recording.