CLS Group
AVP - Infrastructure Network Operations Engineer – UK
About CLS:
CLS is the trusted party at the centre of the global FX ecosystem. Utilized by thousands of counterparties, CLS makes FX safer, smoother and more cost effective. Trillions of dollars’ worth of currency flows through our systems each day.
Created by the market for the market, our unrivalled global settlement infrastructure reduces systemic risk and provides standardization for participants in many of the world’s most actively traded currencies. We deliver huge efficiencies and savings for our clients: in fact, our approach to multilateral netting shrinks funding requirements by over 96% on average, so clients can put their capital and resources to better use.
CLS products are designed to enable clients to manage risk most effectively across the full FX lifecycle – whether through more efficient processing tools or market intelligence derived from the largest single source of FX executed data available to the market.
Our ambition to make a positive difference starts with our people. Our values – Protect, Improve, Grow – underpin everything that we do at CLS and define and shape a supportive and inclusive working environment in which everyone is encouraged to be open and forward-thinking.
Job information:
- Functional title – Infrastructure Network Operations Engineer – AVP (UK Based)
- Department - Technology
- Corporate level – Infrastructure Support
- Report to – Director, Network Operations
- Location – London office
What you will be doing:
Job Purpose
The AVP – Infrastructure Network Operations Engineer will leverage their technical expertise and process improvement skills to optimize support of CLS's network and datacentre infrastructure. The role involves monitoring network alerts, performing day-to-day operation tasks and driving process improvements. The individual will excel in hands-on technical implementation and troubleshooting of various network technologies. The role involves collaboration with L3 engineering and managed service provider to align with company goals and best practices.
Key Responsibilities
- Proficiency in configuring, maintaining, and troubleshooting enterprise, data center & cloud network architecture.
- Perform day-to-day operation tasks that require solving operations tickets by troubleshooting any connectivity issues.
- Adhere to strict change management process to deploy firewall rule change requests, scheduled firmware upgrades and other network build, changes, or maintenance activities.
- Participate in alert monitoring of the network infrastructure using SolarWinds, and monthly on-call rotation.
- Act as the primary contact for network incidents, perform diagnostics, and collaborate with L3 Engineering, other cross-functional teams and vendors for resolution and RCA.
- Develop and maintain operational documentation, including runbooks, network diagrams, and configuration records.
- Contribute to team KT sessions to brainstorm ideas, to foster an environment of team growth and help achieve operational excellence.
- Use troubleshooting tools and CLI commands to resolve operational issues.
What we’re looking for:
Required Skills and Experience:
- Possess exceptional technical problem-solving skills in high-pressure scenarios, combined with strong collaboration and communication abilities.
- Solid knowledge of traditional LAN/WAN technologies including routing protocols, route redistribution, manipulation, and filtering, L2 loop avoidance, as well as datacenter clos fabric using spine-leaf architecture (Cisco ACI).
- Proven experience with deploying and troubleshooting issues related to WLAN, in a centralized (controller) as well as cloud-based model.
- In-depth experience of working in a multi-vendor firewall environment (Checkpoint, ASA, Fortinet), that involves implementing & troubleshooting firewall rule changes, NAT & VPN in a segmented network with multiple layers of firewalls.
- Good knowledge of cloud networking (AWS and Azure) components, including VPC design and hybrid connectivity.
- Familiarity with SaaS-based security and SASE architecture, Zero Trust principles.
- Familiarity with monitoring tools like SolarWinds and Dynatrace.
- Familiarity working with ServiceNow or other ticketing systems.
- Proficiency in creating technical documents, runbooks, and network diagrams.
- Prior experience of working in an NOC environment would be a plus.
Specialized Skills & Knowledge:
Extensive knowledge of configuring and troubleshooting the following technologies:
- Security & Firewall Management: multi-vendor firewalls (Firepower, ASA & Checkpoint) that leverage management tools for rule deployment, network segmentation in a multi-context/multi-zone firewall environment, IPS, encryption techniques (IPSEC, MACsec), VPN (Site-to-Site), NAC (Cisco ISE) and access security appliance (RSA).
- Enterprise Infrastructure: Routing & Switching, including routing protocols (OSPF & BGP), PBR, MPLS, VPN, SDWAN, STP, ACL, advanced L2/L3 switching technologies and QoS.
- Cloud Integration: Hybrid connectivity into AWS VPCs using various options (AWS Direct Connect, DX Gateway, NAT Gateway, Transit Gateway, and VPN), manage cloud security options using security groups.
- Datacenter Infrastructure: Spine and Leaf architecture, VxLAN fabric (Cisco ACI deployment) and other datacenter technologies (Cisco NX-OS, RSA appliance & NetScaler).
- Wi-Fi Solutions: Centralized and cloud-based WLAN solutions. Any experience with Meraki solutions would be preferred.
- Monitor: SolarWinds for alert monitoring.
- Troubleshoot: Using firewall packet capture, CLI commands and other methodologies, tools like Dynatrace.
Professional qualifications / certifications
Education & Certification
- Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
- Preferred certifications: Cisco CCNA/CCNP/CCIE, AWS Advanced Networking, Fortinet NSE, Checkpoint CCSA/CCSE.
Location: UK based, with a hybrid work model and travel as required for on-site support.
#LI-DK1
Our commitment to employees:
At CLS, we celebrate diversity and consider this to be one of our strongest assets. We are committed to fostering an environment in which everyone feels comfortable to be who they are, and inclusion is valued. All employees have access to our inclusive benefits, including:
- Holiday - UK/Asia: 25 holiday days and 3 ‘life days’ (in addition to bank holidays). US: 23 holiday days.
- 2 paid volunteer days so that you can actively support causes within your community that are important to you.
- Generous parental leave policies to ensure you can enjoy valuable time with your family.
- Parental transition coaching programmes and support services.
- Wellbeing and mental health support resources to ensure you are looking after yourself, and able to support others.
- Affinity Groups (including our Women’s Forum, Black Employee Network and Pride Network) in support of our organisational commitment to embrace and always be learning more about DE&I.
- Hybrid working to promote a healthy work/life balance, enabling employees to work collaboratively in the office when needed and work from home when they don’t.
- Active support of flexible working for all employees where possible.
- Monthly ‘Heads Down Days’ with no meetings across the whole company.
- Generous non-contributory pension provision for UK/Asia employees, and 401K match from CLS for US employees.
- Private medical insurance and dental coverage.
- Social events that give you opportunities to meet new people and broaden your network across the organisation.
- Annual flu vaccinations.
- Discounts and savings and cashback across a wide range of categories including health and retail for UK employees.
- Discounted Gym membership – Complete Body Gym Discount/Sweat equity program for US employees.
- All employees have access to Discover – our comprehensive learning platform with 1000+ courses from LinkedIn Learning.
- Access to frequent development sessions on a number of topics to help you be successful and develop your career at CLS.
