Senior Network Security Specialist – London Metal Exchange (LME). The LME is the world centre for industrial metals trading, with the majority of global non‑ferrous futures business conducted on its three trading platforms totalling $21 trillion, 191 million lots and 4 billion tonnes notional.
Overall Purpose of Role
As a Network Security Specialist you will help design, implement and govern the network security controls that protect our modern, high‑performance enterprise network. You will shape the network security roadmap, define security policies and standards that drive Zero Trust and micro‑segmentation, and work across on‑premises, cloud, and containerised environments to ensure consistent protection across all connectivity layers.
Responsibilities
- Design, implement and maintain enterprise network security controls including firewalls, proxies and secure access services aligned to business and regulatory requirements.
- Act as the technical authority for Fortinet, Palo Alto Networks and Zscaler platforms.
- Ensure security policies are consistently enforced across data centre, campus, cloud and hybrid environments.
- Lead complex troubleshooting of network security issues, balancing security, performance and availability.
- Help define the network security roadmap, aligned with wider technology and security strategies.
- Design and evolve Zero Trust network architectures, including identity‑aware access and least‑privilege principles.
- Define and implement micro‑segmentation strategies for traditional and containerised workloads.
- Provide design input into new initiatives (cloud adoption, Kubernetes/OpenShift, automation, AI platforms).
- Evaluate new security technologies and patterns, producing clear recommendations and design artefacts.
- Develop and maintain network security standards, patterns and policy definitions.
- Ensure adherence to security policies through design reviews, operational controls and continuous improvement.
- Partner with Information Security to translate policy into enforceable technical controls.
- Support audits, risk assessments and regulatory obligations by providing clear evidence of control implementation.
- Act as a technical leader within the Connectivity Engineering Team, mentoring engineers and setting best practice.
- Work closely with Infrastructure, Platform, and Application teams to embed security by design.
- Provide subject‑matter expertise to project teams and senior stakeholders.
Desired Academic and Professional Qualifications
The ideal candidate will hold a bachelor’s degree in Computer Science, Information Technology, or a related discipline, or possess an equivalent combination of education, technical training, and practical experience. Relevant industry certifications (e.g. PCNSE, NSE, CCNP Security, or CISSP) or substantial real‑world application are expected, while ITIL and/or PMI certification is considered an advantage.
Required Knowledge and Level of Experience
- Minimum 5 years’ experience operating in regulated, mission‑critical environments such as financial services or critical infrastructure, with deep hands‑on expertise in enterprise network security engineering and large‑scale network infrastructure support.
- Experience defining and implementing network segmentation and micro‑segmentation strategies.
- Strong understanding of Zero Trust networking principles and identity‑aware access controls.
- Strong experience designing, implementing and optimising firewall and proxy security policies.
- Deep hands‑on experience with Palo Alto Networks (PAN‑OS, Panorama, policy design), Fortinet (FortiGate, FortiManager, FortiAnalyzer) and Zscaler (ZIA, ZPA, Zero Trust Exchange).
- Experience securing hybrid environments spanning on‑prem, cloud and containerised platforms.
- Exposure to security controls and design for Kubernetes/OpenShift.
- Experience with automation and infrastructure‑as‑code approaches for deploying security controls.
- Wide exposure to routing, switching, load balancing and security architectures, with extensive operational and engineering experience.
- Strong grounding in core networking technologies and protocols, including TCP/IP, BGP, OSPF, VLANs, VRF, VPN, VXLAN, NAT, ACLs, DNS.
- Hands‑on experience with packet capture and network analytics and monitoring tools.
- Strong understanding of ITILv3 processes, including incident, problem and change management.
Skills and Competencies
- Ability to translate high‑level security policies into practical, scalable technical designs.
- Strong analytical and diagnostic skills for assessing complex network and security environments.
- Competence in designing and optimising security architectures, network policies and segmentation models.
- Ability to work across hybrid and distributed environments (on‑prem, cloud, container platforms).
- Strong capability to apply automation and IaC concepts to enhance security controls and operational efficiency.
- Ability to collaborate with cross‑functional teams in highly regulated, high‑availability environments.
- Methodical working approach aligned to ITILv3 best practices with proven ability to implement processes.
- Willingness to challenge existing approaches and drive change.
- Strong attention to detail with a focus on operational excellence.
- Comfortable working under pressure, with changing priorities.
- A strong delivery mindset, setting and achieving realistic and timely execution of project deliverables across the portfolio.
Personal Qualities
- Strong communicator with the ability to engage effectively with engineers, architects, and senior management.
- Pragmatic and security‑focused, balancing robust controls with delivery‑oriented execution.
- Strategic thinker with a hands‑on approach, comfortable navigating fast‑paced and evolving technology landscapes.
- Analytical, detail‑driven and process‑oriented, able to translate complexity into clear actions and documentation.
- Skilled at influencing, persuading and guiding others toward the best technical and business outcomes.
- Collaborative team player and leader, with strong interpersonal skills and a passion for mentoring and developing others.
- Adaptable and dependable, able to work effectively across organisational boundaries and understand wider business drivers.
- Customer‑focused and responsive, demonstrating a strong sense of urgency and commitment to service.
- Innovative and proactive, continually seeking improvements in problem‑solving, processes, and solution design.
Equal Opportunity Statement
The LME is committed to creating a diverse environment and is proud to be an equal‑opportunity employer. In recruiting for our teams, we welcome the unique contributions that you can bring in terms of education, ethnicity, race, sex, gender identity, expression & reassignment, nation of origin, age, languages spoken, colour, religion, disability, sexual orientation and beliefs. We want every LME employee to feel our commitment to showing respect for all and encouraging open collaboration and communication.
#J-18808-Ljbffr…
