Engineer - Network Data & NetScaler

REGENT LP

Regent is a global private holding company focused on investing in and transforming businesses across a broad spectrum of industries including automotive, technology, consumer products, retail, industrial, and media. Known for driving innovation and operational excellence, Regent partners with management teams to unlock long-term value. 

ROLE OVERVIEW

We are seeking an experienced Engineer to support the Network Data & NetScaler area. This role has accountability for the reliability, security, and continuous improvement of the organisation's application delivery infrastructure (Citrix NetScaler/ADC) and network data services (Infoblox DDI, routing, segmentation). The role spans L4–L7 load balancing and SSL offload, enterprise DNS/DHCP/IPAM, routing protocol management, software-defined networking (SDN), firewall and VPN operations, and the evolution toward a Zero Trust Network (ZTN) and SASE-aligned architecture - partnering with application, cloud, and security teams to deliver high-availability, secure network services.*

*Please note this role is on-site 5 days per week

AREA CONTEXT

Network Data & Netscaler focuses on the management and optimisation of network services, including load balancing, DNS, network routing, network segmentation, and network automation. The area ensures high availability, scalability, and performance of business-critical applications by leveraging technologies such as Citrix NetScaler and Infoblox. It addresses operational challenges such as device lifecycle management, firmware upgrades, and the integration of new network services. The area also supports the transition to cloud-managed networking, the adoption of software-defined networking (SDN) principles for virtualisation and cloud integration, and alignment with Zero Trust Network (ZTN) and SASE frameworks — reflecting the security architecture already operating across the broader portfolio.

KEY RESPONSIBILITIES

• Manage and optimise NetScaler ADC platforms (L4–L7 load balancing, SSL offload, GSLB, HA pairs): configure VIPs, services, and health monitors to the highest availability standards.
• Onboard applications to the ADC using standard patterns; validate persistence, health probes, and SSL handshake behaviour post-change.
• Manage SSL offload, cipher suite hardening, and certificate bindings across ADC services; align with organisational TLS standards and renew certificates on schedule.
• Validate HA failover behaviour during maintenance windows; keep configuration backups and golden templates current for rapid recovery.
• Coordinate with WAF, CDN, and Proxy teams on fronting, routing, and policy changes that affect ADC traffic flows.
• Track firmware advisories for NetScaler appliances; schedule, execute, and verify upgrades with same-day rollback capability.
• Align ADC configuration with security baselines and audit requirements; participate in data centre and office move cutovers.
• Manage and improve Infoblox DDI: zone architecture, DHCP scope management, IPAM hygiene, and large-scale scripted changes.
• Validate DNS zone changes and replication across the Infoblox grid; troubleshoot propagation, caching, and resolution performance.
• Operate split-horizon views, conditional forwarders, and DNSSEC where required; maintain naming standards and zone delegation documentation.
• Coordinate with certificate teams for DNS-based validations and ownership proofs; validate DNS impacts for WAF, DDoS, ADC, and CDN cutovers and failbacks.
• Review and clean stale DNS records; ensure CMDB/IPAM alignment; produce capacity and usage reports (zones, records, growth).
• Configure, maintain, and troubleshoot routing between network segments (OSPF, BGP, EIGRP); optimise routing policies for performance and resilience.
• Design, implement, and operate software-defined networking (SDN) solutions: manage network virtualisation overlays, policy-based routing, and SDN controller integration to support cloud workloads and hybrid connectivity.
• Drive network segmentation initiatives to achieve a Zero Trust Network (ZTN) environment: design and implement ACL strategy, micro-segmentation boundaries, and SASE-aligned controls for secure access across cloud, on-premises, and remote users.
• Administer and maintain enterprise firewalls, VPN gateways, IPS, and IDS: manage rule bases, policy reviews, threat signatures, and alert triage; Palo Alto and Fortinet platform experience is strongly preferred.
• Support onboarding and configuration of network devices following engineering standards and architecture patterns.
• Provide L3 support for network transport, routing, DNS, load balancing, NAC, and network automation incidents; escalate high-impact outages per the escalation matrix.
• Monitor network infrastructure components (routers, switches, DNS/DHCP/IPAM, NetScaler); respond to threshold breaches and perform first-line remediation.
• Execute routine network maintenance: firmware updates, configuration adjustments, device health checks, and routing optimisation.
• Improve operational processes through automation (Python, Ansible, Infoblox APIs, NetScaler automation) to reduce toil and eliminate recurring issues; experience developing AI-assisted automation or autonomous agents to accelerate network operations is a strong advantage.
• Support network capacity planning, SRE practices, and performance optimisation activities; participate in DR rehearsals for network failover.
• Maintain network asset inventories, topology documentation, routing diagrams, and runbooks; produce weekly service availability, incident, and change KPIs.
• Ensure network compliance: change management, audit requirements, and stable configuration baselines.
• Work with application, cloud, and vendor teams to resolve cross-domain network and load-balancing issues.
• Manage team workload and capacity: maintain and prioritise the team's Jira ticket queue, coordinate resource allocation across concurrent network workstreams, and provide workload reporting to engineering leadership.

QUALIFICATIONS
Experience

• 5+ years of enterprise network engineering and operations experience.
• Hands-on, production-level expertise with Citrix NetScaler/ADC: L4–L7 load balancing, SSL offload, GSLB, HA pair management, and application onboarding.
• Demonstrable experience with Infoblox DDI: zone architecture, DHCP management, IPAM hygiene, split-horizon DNS, and scripted bulk changes.
• Deep understanding of routing protocols (OSPF, BGP, EIGRP), SDN concepts, network segmentation design, and ACL strategy; hands-on experience with firewall rule management, VPN gateway operations, and IPS/IDS platforms.
• Understanding of cloud networking principles with an emphasis on AWS, including AWS VPC constructs, routing, and security group design; familiarity with cloud-hosted SDN overlay technologies (such as Nutanix Flow Virtual Networking) as applied within hybrid cloud environments — given the Nutanix Cloud Clusters (NC2) deployment options which integrate closely with the organisation's global network fabric.
• Experience with DMVPN and NHRP technologies; solid understanding of dynamic multipoint VPN architectures as used in enterprise site-to-site transport, including both on-premises and cloud-integrated spoke/hub deployments consistent with the organisation's global S2S transport architecture.
• Proven experience with TLS/PKI certificate lifecycle management for network devices and ADC bindings.
• Hands-on experience with network automation tooling (Python, Ansible, Infoblox APIs, NetScaler CLI/automation).
• Background in network performance troubleshooting and packet analysis (Wireshark, TCP/IP diagnostics).
• Experience with next-generation firewall and SASE/ZTN platforms; Palo Alto Networks (NGFW, Panorama) and/or Fortinet (FortiGate, FortiManager) knowledge is a strong advantage.
• Experience supporting or leading network audit and compliance activities with evidenced remediation.
• Proficiency with ITSM and project tracking platforms — Jira (primary) and ServiceNow or equivalent — for incident management, ticket queue management, and CMDB; experience leading a team's Jira workflow and managing workload prioritisation across concurrent tasks.

Technical Skillset

• Advanced load balancing and application delivery expertise with Citrix NetScaler/ADC (L4–L7, SSL offload, GSLB, HA): VIP/service/monitor configuration, persistence, and health probe management.
• Strong DNS/DHCP/IPAM (Infoblox DDI): zone architecture, DHCP scope management, IP address automation, split-horizon DNS, DNSSEC, and conditional forwarding patterns.
• Deep understanding of routing protocols (OSPF, BGP, EIGRP), software-defined networking (SDN) — including network virtualisation overlays and SDN controller management — network segmentation models, ACL design, Zero Trust Network (ZTN) architecture, and SASE framework implementation.
• AWS cloud networking and hybrid cloud integration: knowledge of AWS VPC networking (subnets, route tables, transit gateways, security groups) and cloud-hosted SDN overlays; familiarity with Nutanix NC2 networking frameworks — including the choice between native AWS VPC routing and Nutanix Flow Virtual Networking as an SDN overlay — and how these integrate with global enterprise WAN and routing domains.
• DMVPN and NHRP expertise: hands-on knowledge of Dynamic Multipoint VPN (DMVPN) and Next Hop Resolution Protocol (NHRP) as applied in hub-and-spoke and full-mesh enterprise S2S transport architectures, across both on-premises and cloud-connected locations.
• Certificate lifecycle management for network devices and ADC bindings: TLS, cipher suites, HSTS, and certificate renewal automation.
• Network automation skills: Python, Ansible, Infoblox APIs, NetScaler automation, and scripting for bulk DNS updates and compliance reporting.
• Strong network performance troubleshooting: packet analysis (Wireshark), TCP/IP deep diagnostics, routing and DNS resolution debugging.
• Awareness of fronting patterns with WAF, CDN, and proxy layers; experience coordinating cross-domain routing and policy changes.
• Monitoring and SIEM integration for network telemetry, ADC logs, and DNS query logging.
  Firmware and platform upgrade expertise: automated validation, same-day rollback discipline, and structured deployment planning.
• DR and continuity planning for network failover, load-balancer HA failover, and DNS/GSLB resilience; experience with DR rehearsals.
• Strong change and audit rigour: change management discipline, configuration baseline maintenance, and comprehensive documentation.
• Firewall, VPN, IPS/IDS, and network security platform expertise: next-generation firewall policy management, VPN gateway configuration (site-to-site and remote access), IPS/IDS signature management and alert triage. Palo Alto Networks (NGFW, Panorama) and/or Fortinet (FortiGate, FortiManager) are strongly preferred.
• AI-assisted automation and agent development (advantageous): ability to work with AI tooling and develop autonomous agents to accelerate network operations; candidates with hands-on experience building AI agents or integrating LLM-based automation into network or infrastructure workflows will be strongly preferred.