Network Engineer / Network Designer

Job title: Network Engineer / Network Designer (Contract)

Duration: 3 months initially, with potential extensions

Location: London (Hybrid)

Role Overview

A Network Engineer / Network Designer is required to deliver project-based network and security changes within a large, distributed retail organisation. This role focuses solely on project delivery, with no BAU or operational support responsibilities. The contractor will work under general direction, taking responsibility for their own deliverables and ensuring that all design output, configuration artefacts, and documentation updates are accurate, consistent, and aligned with established standards. The work will involve contributing to network designs, implementing planned configuration changes, and updating documentation across hybrid cloud and on-premises environments. Technologies include Cisco ACI, Juniper Mist, Fortinet FortiGate, Palo Alto Networks, Zscaler (ZIA/ZPA), Azure networking, F5 LTM, and automation tooling such as Python, GitHub, and Terraform.

Key Responsibilities

• Network Design & Documentation
• Produce and update high-quality network documentation, including HLDs, LLDs, diagrams, and configuration specifications.
• Apply established design patterns for routing, segmentation, cloud connectivity, and secure access.
• Document changes clearly and consistently, ensuring traceability across project phases.
• Contribute to designs for Cisco ACI, including application profiles, endpoint groups, and policy models.
• Contribute to documentation for Juniper Mist wireless and access network deployments.
• Prepare clear integration and connectivity documentation for Zscaler ZIA and ZPA.
• Network Engineering & Project Delivery
• Deliver planned configuration changes across Fortinet, Palo Alto, and Juniper SRX firewalls.
• Implement routing changes using BGP and associated enterprise protocols.
• Build IPSec tunnels, VPNs, and Zero Trust access configurations following approved designs.
• Configure F5 LTM for application delivery and traffic management.
• Complete migration tasks, cutovers, and validation steps in line with project plans.
• Produce implementation runbooks, testing steps, and post-change records.
• Azure Cloud Networking
• Deploy Azure networking components such as VNets, subnets, NSGs, UDRs, Azure Firewall, and Private Endpoints.
• Update cloud network diagrams and documentation to reflect changes and new deployments.
• Support the delivery of hybrid connectivity using VPN Gateway and ExpressRoute.
• Ensure cloud networking aligns with existing enterprise design standards.
• Automation & Tooling
• Use Python to support automation of repeatable network configuration or verification tasks.
• Maintain configuration artefacts and documentation using GitHub version control.
• Apply Terraform modules to deliver network and cloud infrastructure builds where required.
• Transformation & Migration Delivery
• Contribute to workstreams delivering network modernisation, cloud adoption, and segmentation changes.
• Follow defined procedures when supporting branch, cloud, or data centre migrations.
• Produce migration documentation, implementation notes, and verification reports.
• Identify risks or issues related to network changes and escalate appropriately.

Required Skills & Experience

• Core Networking
• Strong understanding of routing and switching technologies.
• Practical experience implementing BGP in enterprise environments.
• Knowledge of OSPF, VLANs, NAT, QoS, and IPsec VPN.
• Experience working with Cisco ACI and policy-driven network designs.
• Familiarity with Juniper Mist wireless and access networking.
• Security & Firewalls
• Hands on experience with:
• Fortinet FortiGate
• Palo Alto Networks
• Juniper SRX
• Including policy creation, rule updates, segmentation, and configuration deployment.
• Secure Access & Zero Trust
• Experience deploying Zscaler ZIA and/or ZPA into enterprise environments.
• Understanding of Zero Trust concepts and secure access patterns.
• Cloud Networking
• Practical experience delivering Azure networking solutions.
• Understanding of hybrid connectivity requirements and cloud security controls.
• Desirable Skills
• Automation experience with Python, Terraform, GitHub, and/or Ansible.
• Experience configuring and maintaining F5 LTM.
• Experience working in large distributed or retail organisations.

Deliverables

The contractor will be responsible for delivering:

• Updated network documentation (HLDs, LLDs, diagrams).
• Configuration build documents for firewall, routing, and LTM implementations.
• Azure networking deployment artefacts and connectivity documentation.
• Migration runbooks, test plans, and implementation records.
• Accurate, fully maintained documentation within agreed repositories.
• Clear, complete handover material for operational teams.