Senior Network Security Specialist
Shift Pattern:
Standard 40 Hour Week (United Kingdom)
Scheduled Weekly Hours:
40
Corporate Grade:
D - Assistant Vice President
Reporting Line:
(UK Division) Information Technology
Location:
UK-London
Worker Type:
Permanent
About the London Metal Exchange
The London Metal Exchange (LME) is the world centre for industrial metals trading. Most of the world’s global non-ferrous futures business is conducted on the LME’s three trading platforms totalling $21 trillion, 191 million lots and 4 billion tonnes notional with a market open interest high of 2.1 million lots in 2025.
The metals community uses the LME, an HKEX Group company, as a venue to transfer or take on price risk, as a physical market of last resort and as the provider of transparent global reference prices.
Overall Purpose of Role
As a Network Security Specialist, you will help design, implement and govern the network security controls that protect our modern, high‑performance enterprise network. You will take a hands‑on role in shaping the network security roadmap, defining security policies and standards that drive the adoption of Zero Trust and micro‑segmentation across the organisation.
Working within the Connectivity Engineering Team, you will collaborate closely with Information Security, Platform, Infrastructure and Application teams to ensure security is embedded by design. Your expertise will be applied across on‑premises, cloud, and containerised environments, ensuring consistent and robust protection across all connectivity layers. You will also support the organisation’s LAN, WAN, Campus and Data Centre network services, ensuring reliability, resilience and high performance. You will maintain and develop core network standards across related systems, coordinate network activities across multiple technology projects, contribute deep technical expertise and produce both high‑ and low‑level designs. As a subject matter expert, you will also provide 3rd‑line escalation support when required.
This role reports directly to the Network Manager and may include participation in an on‑call rota, as well as occasional evening and weekend work. TOIL or overtime compensation will be available.
Responsibilities:
- Design, implement and maintain enterprise network security controls including firewalls, proxies and secure access services aligned to business and regulatory requirements.
- Act as the technical authority for Fortinet, Palo Alto Networks and Zscaler platforms.
- Ensure security policies are consistently enforced across data centre, campus, cloud and hybrid environments.
- Lead complex troubleshooting of network security issues, balancing security, performance and availability.
- Help to define the network security roadmap, aligned with wider technology and security strategies.
- Design and evolve Zero Trust network architectures, including identity-aware access and least-privilege principles.
- Define and implement micro-segmentation strategies for traditional and containerised workloads.
- Provide design input into new initiatives (cloud adoption, Kubernetes/OpenShift, automation, AI platforms).
- Evaluate new security technologies and patterns, producing clear recommendations and design artefacts
- Develop and maintain network security standards, patterns and policy definitions.
- Ensure adherence to security policies through design reviews, operational controls and continuous improvement.
- Partner with Information Security to translate policy into enforceable technical controls.
- Support audits, risk assessments and regulatory obligations by providing clear evidence of control implementation.
- Act as a technical leader within the Connectivity Engineering Team, mentoring engineers and setting best practice.
- Work closely with Infrastructure, Platform, and Application teams to embed security by design.
- Provide subject-matter expertise to project teams and senior stakeholders.
PERSON SPECIFICATION:
Desired Academic and Professional Qualifications:
The ideal candidate will have experience working within an ITIL‑governed environment and established infrastructure support frameworks. They will hold a bachelor’s degree in Computer Science, Information Technology, or a related discipline, or possess an equivalent combination of education, technical training, and practical experience.
Relevant industry certifications (e.g. PCNSE, NSE, CCNP Security, or CISSP) or substantial real‑world application are expected, while ITIL and/or PMI certification is considered an advantage.
Required Knowledge and Level of Experience:
Minimum 5 years’ experience operating in regulated, mission‑critical environments (e.g., financial services, critical infrastructure), with deep hands-on expertise in enterprise network security engineering and large-scale network infrastructure support.
- Experience defining and implementing network segmentation and micro‑segmentation strategies.
- Strong understanding of Zero Trust networking principles and identity‑aware access controls.
- Strong experience designing, implementing and optimising firewall and proxy security policies.
- Deep hands-on experience with
- Palo Alto Networks (PAN‑OS, Panorama, policy design
- Fortinet (FortiGate, FortiManager, FortiAnalyzer)
- Zscaler (ZIA, ZPA, Zero Trust Exchange)
- Experience securing hybrid environments spanning on‑prem, cloud, and containerised platforms.
- Exposure to security controls and design for Kubernetes/OpenShift.
- Experience with automation and infrastructure-as-code approaches for deploying security controls.
- Wide exposure to routing, switching, load balancing and security architectures, with extensive operational and engineering experience.
- Strong grounding in core networking technologies and protocols, including:
- TCP/IP, BGP, OSPF, VLANs, VRF, VPN, VXLAN, NAT, ACLs, DNS.
- Hands‑on experience with packet capture and network analytics and monitoring tools.
- Strong understanding of ITILv3 processes, including incident, problem and change management.
Skills and Competencies:
- Ability to translate high‑level security policies into practical, scalable technical designs.
- Strong analytical and diagnostic skills for assessing complex network and security environments.
- Competence in designing and optimising security architectures, network policies and segmentation models.
- Ability to work across hybrid and distributed environments (on‑prem, cloud, container platforms).
- Strong capability to apply automation and IaC concepts to enhance security controls and operational efficiency.
- Ability to collaborate with cross-functional teams in highly regulated, high‑availability environments.
- Methodical working approach, aligned to ITILv3 best practices with and proven ability to implement processes.
- Willingness to challenge existing approaches and drive change.
- Strong attention to detail with a focus on operational excellence.
- Comfortable working under pressure, with changing priorities.
- A strong delivery mindset, setting and achieving realistic and timely execution of project deliverables across the portfolio.
Personal Qualities:
- Strong communicator with the ability to engage effectively with engineers, architects, and senior management.
- Pragmatic and security-focused, balancing robust controls with delivery-oriented execution.
- Strategic thinker with a hands-on approach, comfortable navigating fast‑paced and evolving technology landscapes.
- Analytical, detail-driven, and process-oriented, able to translate complexity into clear actions and documentation.
- Skilled at influencing, persuading and guiding others toward the best technical and business outcomes.
- Collaborative team player and leader, with strong interpersonal skills and a passion for mentoring and developing others.
- Adaptable and dependable, able to work effectively across organisational boundaries and understand wider business drivers.
- Customer-focused and responsive, demonstrating a strong sense of urgency and commitment to service.
- Innovative and proactive, continually seeking improvements in problem-solving, processes, and solution design.
The LME is committed to creating a diverse environment and is proud to be an equal opportunity employer. In recruiting for our teams, we welcome the unique contributions that you can bring in terms of education, ethnicity, race, sex, gender identity, expression & reassignment, nation of origin, age, languages spoken, colour, religion, disability, sexual orientation and beliefs. In
doing so, we want every LME employee to feel our commitment to showing respect for all and encouraging open collaboration and communication.