Senior Network Engineer

Must Have Technical/Functional Skills 7+ years of network engineering experience in large enterprise environments (global WAN, multi-site data centre, 10,000+ endpoints). 3+ years of hands-on Azure networking experience: Virtual WAN, ExpressRoute, Azure Firewall, NSGs, Private Endpoints, and Azure DNS.

Expert-level knowledge of routing protocols:

BGP (eBGP/iBGP), OSPF, EIGRP, and IS-IS in enterprise and service provider contexts.

Deep expertise in enterprise switching:

Spanning Tree variants (RSTP/MSTP), VLAN architecture, VxLAN/EVPN in data centre fabrics. Hands-on experience with enterprise firewall platforms: Palo Alto PAN-OS (required), Fortinet FortiOS, or Cisco

FTD/ASA. CCNP

Enterprise or CCNP Security (active) required; CCIE preferred.

Experience with enterprise network automation:

Python (Netmiko/NAPALM/Nornir), Ansible, or Terraform (azurerm networking resources).

Required/Preferred Certifications:

CCNP Enterprise (Required) | AZ-700 (Highly Desirable) | Palo Alto PCNSE | CCIE (Preferred) | Fortinet NSE 4+ Roles & Responsibilities Enterprise Azure Network Architecture & Operations Design and operate enterprise Azure network architecture: Azure Virtu al WAN hub-and-spoke topology connecting 20+ Azure subscriptions, on-premises data centres, and branch offices globally. Manage and optimise ExpressRoute circuits (10Gbps+) including BGP routing policy, route filtering, and failover to Site-to-Site VPN backup paths. Own Azure Firewall Premium policy management across all Azure regions; implement IDPS signatures, TLS inspection, and URL filtering aligned to enterprise security policy. Design and maintain Azure Private DNS Zone architecture integrated with on-premises DNS resolvers (Conditional Forwarders / Azure DNS Private Resolver). Implement and govern Private Endpoint and Private Link strategy for all PaaS services (Azure SQL, Storage, Key Vault, AKS API Server, etc.) to eliminate public exposure. On-Premises & WAN Infrastructure Configure, manage, and optimise enterprise routing and switching infrastructure across Cisco Catalyst /Nexus, Juniper EX/QFX, and Arista platforms in Tier 3+ data centres. Administer BGP peering with upstream ISPs and Azure ExpressRoute; manage AS path manipulation, route redistribution and traffic engineering policies. Design and operate SD-WAN overlay (Cisco Catalyst SD-WAN / VMware VeloCloud) for 200+ branch sites , including policy-based routing and application-aware path selection.

Manage enterprise network security perimeter:

Palo Alto PA-Series (on-premises), Fortinet FortiGate (branch), and Cisco ISE for 802.1X NAC and segmentation. Security, Zero Trust & Network Segmentation Lead implementation of Zero Trust Network Access (ZTNA) architecture using Microsoft Entra Private Access and Entra Internet Access as part of t he enterprise SASE strategy. Design and maintain macro and micro-segmentation strategies using VLANs, VRFs, NSGs, Azure Firewall Policy rule collections, and AKS network policies (Calico/Cilium). Conduct periodic network security reviews and vulnerability assessments; remediate findings from penetration testing and threat intelligence feeds within agreed SLA. Collaborate with the SOC and Cyber Security teams to investigate network-based threats and support forensic analysis of network traffic using Azure Network Watcher and NSG Flow Logs. Monitoring, Capacity & Governance Operate and enhance network monitoring using Azure Network Performance Monitor, Log Analytics ThousandEyes, and SolarWinds NPM for end-to-end visibility across hybrid estate. Lead capacity planning for WAN circuits, Azure VNet address spaces, and data centre switching fabrics. present quarterly capacity reviews to the Head of Infrastructure. Generic Managerial Skills, If any Maintain accurate, audit-ready network documentation: topology diagrams (Visio/Lucid chart), IP Address Management (IPAM) in Azure/InfoBlox, change records in ServiceNow. Participate in 24/7 on-call rota for P1/P2 network incidents, act as Network SME for Major Incident Management bridge calls.

TCS Employee Benefits Summary:

Discretionary Annual Incentive.

Comprehensive Medical Coverage:

Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans.