Online since 1999 | 13,248 IT Jobs Live NOW
Senior Systems Engineer - Networks
Premium Job From Tesco
Recruiter: Tesco
Listed on: 1st November
Location: Welwyn Garden City
Salary Notes: Competitive
Type: Permanent
Start Date:
Reference: tesco/TP/2630674/138468_1509539407
Contact Name: Benjamin Price
Summary
About The Tesco Technology Infrastructure Team

The Infrastructure Engineering team design, develop, implement and operate all infrastructure used by Tesco Technology across our data centres, offices, stores and distribution centres. This encompasses multiple domains; private and public cloud, connectivity, end-user computing, CI/CD and monitoring toolkit. This includes both 3rd party and internally developed infrastructure applications and infrastructure that support the wider Tesco business.

As part of wider Infrastructure Team, Networks and Security Team design, develop, implement and operate all Network and Security infrastructure technologies that facilitate the both Infrastructure and the rest of Tesco Technology

Key activities include:
* Designs, develops, implements and operates the ¬large-scale, high-capacity and highly resilient infrastructure solutions that allow the rest of Infrastructure, Technology development teams and business colleagues to consume Networks and Security Service.
* Setting the strategy, objectives and high-level plans for Networks Infrastructure Service in order to best deliver requirements of Tesco Technology and thus the business.
* Defining and continually overseeing standards and simplification across the entire Networks estate.
* Driving innovation through transformation and Continual Service Improvement
* Evaluating partners, software and hardware and finding the right mix to deliver the Technology and ultimately, business strategy
* Designs, develops, implements and operates Networks solutions in line with modern automation technologies where possible through self-service APIs. This solutions will allow Networks and rest of Infrastructure to be consumed in a controlled, auditable and repeatable manner, automatically handling failure seamlessly.
* Designing, delivering, implementing and operating new and re-usable infrastructure solutions to meet both technological, financial and business requirements.
* Collaborate with, and advise, development teams, to create appropriate infrastructure solutions to facilitate both their and ultimately the business requirements

Package
We offer excellent benefits that help make Tesco a great place to work. These include but aren't limited to:

* An annual bonus scheme of up to 45% of base salary.
* Car Allowance of £7,320 per annum
* Privilegecard (including a 2nd card for a family member) after 6 months service with 10% off most purchases at Tesco.
* A retirement savings plan: 6%-10% contribution rate
* Life Assurance - 5 x contractual pay
* Buy As You Earn Scheme
* Save As You Earn Scheme
* Health Screening every 2 years
* Deals & Discounts through Tesco including Tesco Mobile & Tesco Bank
* Deals and Discounts through many other external businesses

Main Responsibilities
The Role - Senior Systems Engineer II - Network Security

Whilst specific responsibilities will be dependent upon the changing needs of the Tesco business, the following provides an overview of the role's key responsibilities and measures:
* Architect, Design and Deliver solutions using existing Infrastructure components. Where new infrastructure technologies are being introduced, implement them and establish best practice for their adoption. Resolve incidents that have not been seen before and initiate change to ensure that issues can be easily dealt with in future.
* Contribute to the Technology Roadmap for Tesco Technology Data Centres
* Evaluate new tools and techniques being able to understand their value and impact.
* Understand current application development techniques (12 factor app) and their implications to infrastructure
* Lead group design discussions on my area of expertise and be able to present with authority to a variety of audiences.
* Collaborate with Software Engineers to understand their requirements and assist them consuming Infrastructure in the most seamless way possible.
* Coach and mentor system engineers across Technology who are at a more junior level. Ensure that my own team's designs are of a high quality and understand the impacts to any other areas of infrastructure.
* Keep my technical skills up to date and keep track of new technologies, understanding how they might benefit the Technology team and wider Tesco.
* Introduce automation to all aspects of my day to day work.

This role will best suit an individual who enjoys working as part of a team, is well organised, pragmatic and a lateral thinker with an inquisitive mind who is motivated to make change for the better and, most importantly, puts our customers first.

Ideal Candidate

Skills / Experience Required
* Experience designing and deploying solutions for large, complex global organisations
* Analytical and structured approach to design, process and advanced trouble-shooting
* Understand Tesco Technology and business strategies and convert into technology roadmaps and innovative solutions that best achieve these goals
* Ability to produce and maintain high quality HLD/LLD and Standards documentation
* Well organised self-starter who takes personal ownership and accountability at required levels of the work stream and project life cycles; willing to go the extra mile at every opportunity
* Builds and maintains positive relationships within and across teams
* Provides technical leadership within teams and mentoring for individuals
* Communicates effectively, able to deliver and present both written and verbal, designs, strategies and concepts clearly and affectively to Senior & Jnr staff alike
* Take ownership, to keep up-to-date and embrace the latest industry technologies and associated supplier solutions like SDN and SDWAN

Required Technology Skills
* Deep technical knowledge of Firewalls Platforms and Technologies, including build and configuration of some of the following Checkpoint, Cisco ASA (and latterly FirePower), Palo Alto and Fortinet along with associated Management Systems and Firewall rule analysis tools eg Skybox, Tufin
* Advanced levels of VPN experience along with associated technologies and protocols eg IPSec, Public/Private Key Encryption, TLS/SSL, digital cert techniques like ISA/KMP GRE and DMVPN
* Excellent technical knowledge of OSI network topologies, troubleshooting and design eg Routing Protocols (BGP, OSPF, iGRP), DNS, DHCP, IP Address Management and TCP/UDP Port RFC & IEEE 802-based standards.
* High levels of experience of Threat prevention and detection techniques and associated technologies like IPS, IDS, APT/SEIM, Secure Proxy.
* High levels of knowledge of remote access and two factor authentication technologies and AAA solutions, eg RSA, Juniper/Pulse Cisco ACS, Radius
* High levels of Load balancing & Global/DNS balancing technologies and techniques eg F5 hardware and/or software appliances, Cisco ACE or Citrix Netscaler
* Good understanding of Internet/Web Technologies both hardware and cloud based, like CDN, Proxy/Caching, SSL Offloading/Interception, URL forwarding/re-direction from suppliers like Akamai, Bluecoat, Zscaler,
* Good understanding of browser-based technologies and protocols like HTML, HTTP/HTTPS and XML
* Good understanding of Network Management technologies and protocols like SNMP, Netflow, IPSLA, along with practical experience of associated Network Management & Alerting Tools

Desired Technical Skills
* CCNP levels of practical experience in designing/building, operating large-scale, Multilayer Switching and Routing using current CISCO equipment and IOS in a WAN and LAN environment using technologies like Multicast, Port Channelling, EIGRP, CDP, GLBP, VRF, QoS
* Cisco/Arista switches deployed in Spine/Leaf topology
* Associated SDN/automation technologies/configuration tools like GIT, Chef, Anisble or Puppet, preferably in a DevOps environment
* Experience of Wide Area Networking technologies and protocols, such as MPLS, WAN Optimisation (Riverbed Steelhead or Cisco WAS), CoS, DWDM
* Latest 802.11-based WiFi standards and technologies with practical design and installation of provider solutions and tools eg Cisco, Aruba or Meraki and all associated
* Scripting knowledge (eg Python, Unix/Linux or PowerShell & Batch)
* Familiarity with VMware NSX and wider VMware software stack (vCentre, vRealize)

To find out more information and to apply, please click the APPLY button.


Browse all skill types