Employer简体中文Login/Signup

Cloud and Network Engineer

Singapore 2 days agoFull-time External
19.2k - 27.4k / mo
THE HACENS TALENT PTE. LTD.

THE HACENS TALENT PTE. LTD.

About the Role: We are seeking a highly skilled and experienced Azure Cloud and Network Engineer to design, implement, and manage secure and scalable network architectures within Microsoft Azure. This pivotal role requires deep expertise in Azure networking services, hybrid cloud connectivity, and a strong commitment to network security, automation, and operational excellence. You will play a critical role in bridging on-premises infrastructure with our Azure cloud environments, maintaining its operational integrity, and ensuring the reliability and performance of our entire network services landscape. Key Responsibilities: 1) Network Architecture & Design (Azure & Hybrid): Design, deploy, and manage scalable and secure network architectures in Microsoft Azure, encompassing core Azure networking services such as Azure Virtual Network (VNet), Azure ExpressRoute, Azure Virtual WAN, Azure DNS, Azure Firewall, Azure Application Gateway/Front Door, and Load Balancers. Architect and implement robust hybrid cloud connectivity solutions, including Azure VPN Gateway, ExpressRoute, and site-to-site VPNs, ensuring seamless and secure communication between on-premises data centers and Azure environments. Strategize and optimize network segmentation, IP addressing schemes, and routing policies across both on-premises and Azure cloud infrastructures. Design and implement network solutions specifically tailored for adoption within the Singapore Government Commercial Cloud (GCC) framework, adhering to IM8 policies and relevant government security standards. 2) On-Premises Network Operations & Management: • Manage, configure, and troubleshoot enterprise-grade network devices including routers (e.g., Cisco, Juniper) and switches (e.g., Cisco Catalyst/Nexus, Arista) across LAN/WAN environments. • Deep operational knowledge of network protocols such as BGP, OSPF, EIGRP, VLANs, Spanning Tree Protocol (STP), HSRP/VRRP, and Quality of Service (QoS). • Administer and maintain on-premises firewalls (e.g., Checkpoint, Palo Alto Networks, Cisco ASA), including policy management, VPN configurations, and threat prevention. • Oversee and troubleshoot web proxy solutions (e.g., Bluecoat ProxySG, Zscaler) for internet access, content filtering, and security. • Manage and support enterprise wireless networks, including Wireless LAN Controllers (WLCs) and Access Points. • Implement and manage on-premises load balancers (e.g., F5 BIG-IP, Citrix ADC) for internal application traffic management and high availability. 3) Azure Cloud Network Management: • Monitor and optimize network performance within Azure, ensuring high availability and reliability for Azure-based services and applications. • Troubleshoot and resolve complex network issues specifically within the Azure cloud environment. • Implement and enforce networking security best practices using Azure-specific tools like Network Security Groups (NSGs), Azure Security Center (Defender for Cloud), Azure DDoS Protection, and Azure Front Door's WAF capabilities. 4) Logging, Alerts, and Monitoring: • Configure and manage comprehensive monitoring and alerting for both cloud and hybrid network infrastructures using Azure Monitor (including Log Analytics workspace for network logs), Azure Activity Log, and Azure Resource Health. • Leverage Azure Policy and Azure Resource Graph to assess, audit, and evaluate the configurations of network resources for compliance and security. • Utilize Microsoft Defender for Cloud for continuous security posture management, threat detection, and advanced protection across all network components integrated with Azure. 5) Automation and Optimization: • Develop and maintain Infrastructure as Code (IaC) for network deployments using Azure Resource Manager (ARM) templates, Bicep, Terraform, and integrate with GitHub CI/CD pipelines for automated provisioning and configuration management. • Drive continuous improvement by evaluating and implementing new Azure services and features, as well as emerging on-premises network technologies, to enhance efficiency, scalability, and security. 6) Collaboration and Support: • Work closely with DevOps, Security, Application, and Infrastructure teams to ensure seamless integration, smooth operation, and optimal performance of network services across the entire hybrid architecture. • Provide technical guidance and mentorship to junior network engineers, fostering a culture of knowledge sharing and continuous learning. • Collaborate with third-party vendors and service providers to support both on-premises and cloud network infrastructure. 7) Documentation and Compliance: • Create and maintain comprehensive network documentation, including detailed diagrams, configurations, and operational procedures for both Azure and on-premises network environments. • Ensure strict compliance with industry standards, regulatory requirements, and internal security policies for all network operations. • Ensure network designs and implementations adhere to Singapore government policies and frameworks, including the Instruction Manual 8 (IM8) and GCC security requirements. Qualifications and Skills: • Bachelor's degree in Computer Science, Information Technology, or a relevant engineering discipline. • Minimum of 8 years of hands-on experience in complex enterprise networking environments, spanning both traditional on-premises infrastructure and public cloud platforms. • Demonstrable expert-level proficiency in core networking concepts, including deep knowledge of router and switch configuration (Cisco Catalyst/Nexus, Juniper, Arista), advanced routing protocols (BGP, OSPF, EIGRP), and layer 2 technologies (VLANs, STP, EtherChannel). • Extensive hands-on experience with enterprise firewall management (e.g., Checkpoint, Palo Alto Networks, Cisco ASA), including rule optimization, VPN setup, and troubleshooting. • Proven experience managing and optimizing web proxy solutions (e.g., Bluecoat ProxySG, Zscaler) and hardware/software load balancers (e.g., F5 BIG-IP). • In-depth expertise with Microsoft Azure networking services and architecture, including Azure Virtual Network (VNet), ExpressRoute, Virtual WAN, Azure Firewall, Application Gateway, Front Door, and NSGs. • Proven experience in designing, implementing, and managing robust hybrid cloud environments that securely connect on-premises networks to Azure. • Proven experience in leading and mentoring a technical team. • Proficiency in Azure logging, alerts, and monitoring services, specifically Azure Monitor, Log Analytics, Azure Activity Log, and Microsoft Defender for Cloud. • Strong experience with Infrastructure as Code (IaC) tools like Terraform and Bicep, and integrating them with CI/CD pipelines (e.g., GitHub Actions) for automated network provisioning and deployment. • Essential: Demonstrated experience with the Singapore Government Commercial Cloud (GCC) environment, including an understanding of its network architecture, security considerations, and compliance requirements (e.g., IM8). • Highly desirable certifications: Microsoft Certified: Azure Network Engineer Associate, Microsoft Certified: Azure Solutions Architect Expert, or Microsoft Certified: Azure Security Engineer Associate. • Highly desirable networking certifications (e.g., CCNP Enterprise, CCIE, JNCIP, PCNSE) demonstrating advanced on-premises network expertise. • Exceptional problem-solving and analytical skills, with a methodical approach to troubleshooting complex network issues across hybrid environments. • Excellent written and verbal communication skills, with the ability to articulate complex technical concepts to diverse audiences. • Ability to work independently and collaboratively in a fast-paced, dynamic team environment, with a strong commitment to detail and quality.