Azure Network Engineer — Cloud Networking, Security & Compliance

Position Overview

We’re looking for a hands-on Azure Network Engineer to help design, maintain, and uplift the corporate cloud network for an enterprise financial institution operating in a highly regulated (APRA) environment. You’ll own the Azure networking foundations — hub-and-spoke, ExpressRoute, VPN/site-to-site connectivity, firewalls, and zero-trust controls — and deliver every change as code through Terraform.

This is a networking-first role for someone who enjoys building secure, compliant, automated infrastructure and partnering closely with security, platform, and application engineering teams. Experience with application DevOps, AWS, Kubernetes, and CI/CD pipelines is a welcome bonus, but the core of this role is Azure networking done well, safely, and at scale.

Key Responsibilities

• Azure Network Design & Delivery: Design, build, and uplift enterprise Azure networking: hub-and-spoke topologies, ExpressRoute, site-to-site and point-to-site VPN, Azure Firewall, NSGs/ASGs, UDRs, DNS, and load balancing.
• Infrastructure as Code: Deliver and manage all network infrastructure and firewall/policy changes through Terraform, with peer-reviewed, version-controlled, automated pipelines.
• Security & Zero Trust: Implement and maintain zero-trust network architecture, micro-segmentation, and secure perimeter controls; partner with the security team on firewall request workflows and policy uplift.
• Compliance & Governance: Ensure all network changes meet the security, governance, and audit requirements expected in a regulated banking environment, using Azure Policy (definitions, initiatives, and automated remediation), management groups, and RBAC to enforce guardrails as code and maintain continuous compliance.
• Maintain & Operate: Provide hands-on BAU support, troubleshooting, and incident response for the corporate cloud network; participate in an on-call roster for critical systems.
• Collaboration: Work closely with security, platform engineering, and application teams to embed secure-by-design networking and enable their workloads.

Skills & Experience

• Azure Networking (core): Strong hands-on experience with hub-and-spoke, ExpressRoute, VPN/site-to-site, Azure Firewall, NSGs/UDRs, DNS, and load balancing.
• Infrastructure as Code: Hands-on experience with Azure Policy, initiatives, and RBAC to enforce network and security guardrails, plus familiarity with Azure Landing Zone / Cloud Adoption Framework patterns.
• Security & Compliance: Solid grounding in network security, zero trust, and working within regulated/compliance-driven constraints (banking or other APRA/finance environments preferred).
• Corporate Networking Fundamentals: Firewalls, VPNs, routing, segmentation, and enterprise connectivity; strong diagnostic and troubleshooting skills.
• CI/CD & Automation: Experience integrating infrastructure changes into CI/CD pipelines and scripting (PowerShell/Python/Bash) to reduce manual effort.
• Delivery Approach: Able to deliver bank-grade quality with a pragmatic, get-it-done mindset.

Nice to Have (Bonus)

• Application DevOps experience and exposure to AWS networking/services.
• Kubernetes (AKS/EKS) and container networking.
• GitOps and CI/CD tooling such as ArgoCD and/or Jenkins.
• Zscaler (ZIA/ZPA) or other SASE/secure web gateway experience.

What We Offer

• A collaborative, engineering-led culture with a strong focus on quality and outcomes
• Opportunities to contribute to meaningful platform initiatives and shape technical direction
• Competitive compensation
• The opportunity to work on complex, large scale systems alongside senior technologists.