Skip to main content
Posted 09 June, 2026
The Bank of England

CNI Platform - Network Engineer

The Bank of England
City of London, London Full Time
Salary: £61,440 to £69,120 Annually
+ 8% benefits allowance
Reference: 2220_1780997102

Location: London

Description

Work for an organisation steeped in history with a front row seat for the digitalisation of the financial sector, and the rise of fintech and regtech. A core organisational strength, with our people at our centre, Technology enables the Bank of England to deliver its mission by providing a diverse set of technical solutions and platforms. From supporting critical systems which underpin the UK economy, to evolving data analytics, reinventing our online presence, and introducing a fully digital workplace. Be part of a team that's constantly evolving, just like our industry.

We take pride in our people, with backgrounds and experiences as diverse as the solutions they provide. You'll enjoy flexible working opportunities, a strong sense of community and well-being, and a collective mission to promote the good of the people of the UK. All of which add up to make the Bank a hugely rewarding place to work.

Role Requirements

Experience level: You should be able to deliver routine operational tasks and standard changes with minimal supervision, follow change control rigorously, and know when to escalate for risk, complexity, or service impact.

As a Network Engineer you will operate and improve the network and security platforms within the CNI environment, with a primary focus on Cisco ACI, Cisco Firepower, and VMware NSX. You will take ownership of day-to-day BAU activities and deliver standard changes safely, while partnering with senior engineers on complex design, high-risk changes, and major incidents.

You will collaborate with colleagues and partner teams to resolve incidents and problems, complete service requests, and deliver changes following agreed processes and change controls. You will provide clear updates, produce evidence-based troubleshooting, and contribute to continuous improvement of runbooks and operational practices.

You will install, configure and patch network and security appliances used within the CNI platform, executing routine maintenance activities independently and escalating appropriately for complex changes. You will ensure changes are documented, tested, and validated end-to-end.

As a secondary task you may support other areas of the CNI platform with networking and security connectivity requirements, troubleshooting and implementation activities, helping ensure services integrate securely and reliably.

You will be expected to develop your skills across the services the team provides, share knowledge with peers, and support junior colleagues through pairing and guidance. You will also be encouraged to contribute to automation and standardization to improve service reliability and reduce manual effort.

The role will require you to participate in an out-of-hours support rota and to work out-of-hours for planned changes/maintenance as needed and agreed in advance.

The Bank allows flexible working and Work-from-Home. You will be expected to attend one of the Banks offices in either London or Leeds for a minimum of 50% of working hours over the period of a month. Ad-Hoc, flexible arrangements outside of these requirements may be accommodated, depending on circumstances.

Example responsibilities

  • Own triage and technical investigation of incidents and alerts; drive initial diagnosis through to restoration, escalating with clear evidence where needed (logs, captures, timelines).
  • Operate Cisco ACI day-to-day (health/fault analysis, endpoint reachability troubleshooting, assisting with policy changes and validation).
  • Operate Cisco Firepower (monitoring, implementing and validating rule changes, troubleshooting connectivity and security policy behaviour).
  • Operate VMware NSX (support logical networking and security, troubleshoot data-path/control-plane issues at a practical level, deliver standard changes).
  • Deliver standard changes end-to-end (peer review, back-out planning, implementation, post-change validation) and contribute to risk assessment for higher-impact changes.
  • Plan and execute routine patching/upgrades and maintenance windows; capture outcomes, lessons learned and follow-up actions.
  • Maintain and improve documentation: runbooks, diagrams, build notes, asset/port records; identify gaps and keep content audit-ready.
  • Support service requests such as connectivity checks, firewall policy assessments, segment/VLAN queries, and troubleshooting for application teams; provide clear stakeholder updates.
  • Carry out hardware activities when required (racking, stacking, cabling, labelling, device bring-up) following standards and ensuring accurate records.
  • Participate fully in an on-call / out-of-hours rota, supporting incident response, restoration, and post-incident actions.

Day in the life of a Network Engineer

A typical day blends operational support, planned change delivery, and collaboration with platform and application teams. Priorities can shift quickly during incidents or major maintenance windows.

  • Start of day checks: review monitoring/alerts, overnight incidents, and any planned maintenance outcomes; pick up handover notes from the on-call engineer.
  • Daily stand-up: share priorities, active incidents/problems, key risks, and planned changes; agree ownership and next actions.
  • Ticket and request triage: work the queue (incidents/service requests), gather evidence, run diagnostics, and coordinate with other resolver groups as needed.
  • Collaboration time: pair with platform/application teams to troubleshoot connectivity and security flows (e.g., ACI endpoint reachability, firewall policy behaviour, NSX segments), and agree next steps.
  • Change preparation: build/validate implementation plans and back-out steps, complete risk/impact assessments, update diagrams/runbooks, and line up peer reviews.
  • Change meetings (e.g., change review / CAB): present upcoming changes, answer impact/risk questions, confirm scheduling, dependencies, and comms.
  • Planned implementation: execute standard changes during agreed windows, perform pre/post checks, capture evidence, and update stakeholders.
  • Documentation and continuous improvement: update knowledge articles/runbooks, refine monitoring thresholds, and identify automation opportunities to remove repeat manual tasks.
  • End-of-day wrap-up: hand over unfinished work, document current status/risks, and support on-call transition when required.

Minimum Criteria

Demonstrable hands-on experience supporting enterprise network and/or security platforms in production (or equivalent demonstrable experience).

Practical operational experience in:

  • Cisco ACI (fault/health triage, endpoint reachability, policy troubleshooting and safe implementation of standard changes)
  • Cisco Firepower (monitoring, implementing firewall policy changes, troubleshooting and validation)
  • VMware NSX (core logical networking/security, operational troubleshooting, delivering standard changes)

Strong fundamentals and troubleshooting skills:

  • TCP/IP, subnetting, routing and switching concepts
  • DNS/DHCP and practical troubleshooting (packet capture, logs, structured fault finding)
  • Security principles (least privilege, firewall policy intent, segmentation, change hygiene)

Essential Criteria

Ability to operate in a controlled/regulated environment:

  • Follow operational processes (ITIL-style incident/problem/change) and produce high-quality, audit-ready documentation
  • Communicate clearly with technical and non-technical stakeholders; manage expectations and escalate appropriately
  • Participate in an on-call / out-of-hours rota and work flexibly during maintenance windows

Desirable Skill and Experience requirements (nice to haves)

  • Demonstrable automation / Infrastructure as Code experience in production (e.g. Ansible, Terraform, Python), including writing or maintaining playbooks/scripts and using version control (e.g. Git).
  • Operational experience with Checkpoint firewalls (policy changes, troubleshooting, and supporting upgrades/maintenance windows).
  • Operational experience with F5 load balancers (VIP/pool changes, troubleshooting, and supporting upgrades/maintenance windows).
  • Hands-on experience installing, racking and cabling network/security hardware in data centres, working to standards for labelling, patching, and asset/port recording.

Our Approach to Inclusion

The Bank values diversity, equity and inclusion. We play a key role in maintaining monetary and financial stability, and to do that effectively, we believe we need a workforce that reflects the society we serve. At the Bank of England, we want all colleagues to feel valued and respected, so we're working hard to build an inclusive culture which supports people from all backgrounds and communities to be at their best at work. We celebrate all forms of diversity, including (but not limited to) age, disability, ethnicity, gender, gender identity, race, religion, sexual orientation and socioeconomic status. We believe that it's by drawing on different perspectives and experiences that we'll continue to make the best decisions for the public. We welcome applications from individuals who work flexibly, including job shares and part time working patterns. We've also partnered with external organisations to support us in making adjustments for candidates and employees in the recruitment process where they're needed. For most roles where work can be carried out at home, we aim for colleagues to spend half of their time in the office, with a minimum of 40% per month. Subject to that minimum requirement, individuals and managers should work together to find what works best for them, their team and stakeholders. Finally, we're proud to be a member of the Disability Confident Scheme. If you wish to apply under this scheme, you should check the box in the 'Candidate Personal Information' under the 'Disability Confident Scheme' section of the application. Salary and Benefits InformationWe encourage flexible working, part time working and job share arrangements. Part time salary and benefits will be on a pro-rated basis as appropriate.We offer a salary of £61,440 - £69,120. In addition, we also offer a comprehensive benefits package as detailed below:
  • Currently a non-contributory, career average pension giving you a guaranteed retirement benefit of 1/80th of your annual salary for every year worked. There is the option to increase your pension (to 1/65th) or decrease (to 1/105th) in exchange for salary through our flexible benefits programme each year. The Bank has the discretion to vary standard accrual rates and dial up and dial down rates at any time and to withdraw dial up and dial down options at any time.
  • A discretionary performance award based on a current award pool.
  • An 8% benefits allowance with the option to take as salary or purchase a wide range of flexible benefits.
  • 26 days' annual leave with option to buy up to 12 additional days through flexible benefits.
  • Private medical insurance and income protection.
National Security Vetting ProcessEmployment in this role will be subject to the National Security Vetting clearance process (and typically can take between 6 to 12 weeks post offer) and the passing of additional Bank security checks in accordance with the Bank policy. Further information regarding the vetting and security clearance requirements for the role will be provided to the successful applicant, and information about how the Bank processes personal data for these purposes, is set out in the Bank's Privacy Notice.

The Bank of England welcomes applications from all candidates, but as a UK Visas and Immigration (UKVI) approved sponsor, we have a responsibility to comply with the Immigration Rules and guidance. As such, our ability to employ individuals who require sponsorship for immigration purposes is limited. The Bank cannot guarantee that you and / or the role you are applying for will be eligible for sponsorship and that any application made to UKVI will be successful. Eligibility will therefore be considered on a case by case basis.

The Application ProcessImportant: Please ensure that you complete the 'work history' section and answer ALL the application questions fully. All candidate applications are anonymised to ensure that our hiring managers will not be able to see your personal information, including your CV, when reviewing your application details at the screening stage. It's therefore really important that you fill out the work history and application form questions, as your answers will form a critical part of the initial selection process. The assessment process will comprise of two interview stages. This role closes on 28th June. Please apply online, ensuring that you complete your work history and answer ALL the application questions fully and in detail as your application will not be considered if all mandatory questions are not fully completed.