Lead Network Engineer

We are seeking an experienced Lead Network Engineer to own architecture, security, product design, automation and innovation across global production datacenter environments. In this role, you will lead a global Cisco ACI fabric while driving secure, scalable and highly available network solutions that align with business consumption models.

This role requires working in a hybrid mode from any office in Krakow, Wroclaw, Katowice, Warsaw, Gdansk, Lodz or Poznan 3 times a week.

Responsibilities

• Serve as lead engineer for a global Cisco ACI fabric, owning architecture, security, product and service design, automation and innovation across production datacenter environments
• Define product descriptions and tiered service offerings for ADC and DCLAN services (Bronze/Silver/Gold), including explicit SLOs for availability, failover time and change-request lead time; maintain service catalog alignment to business consumption models
• Design and implement secure incident recovery environments using ACI VRF remap as the containment primitive to enable isolated failover testing across Firepower, FortiGate and F5 without production impact; identify and document platform constraints impacting VRF remap behavior
• Architect and deliver F5 BIG-IP Dual-PBR No-SNAT migrations on ACI 6.0, producing validated configuration bundles, automated deployment scripts and validation documentation
• Drive ACI ESG micro-segmentation strategy and migration execution, including phased contract design; build Python tooling for tenant migration validation and configuration generation
• Design Cilium BGP L3Out integration for Kubernetes workloads on ACI, including BFD tuning for VMware compatibility and route-map controls to prevent pod CIDR leakage into the fabric VRF
• Build hybrid IaC pipelines (Terraform Day-1, Ansible/AWX Day-2) for F5 BIG-IP LTM/SSL services with tiered service models and ServiceNow-triggered provisioning
• Ensure operational excellence by sustaining high fabric availability, reducing unscheduled outages, meeting aggressive CVE patch timelines and maintaining strong zero-trust segmentation audit scores

Requirements

• 5+ years of experience in network engineering within datacenter environments
• Expertise in Cisco ACI (Multi-Pod, Multi-Site, ESG, PBR Service Graphs, APIC REST API)
• Proficiency in Nexus 9K/7K/5K, VXLAN and vPC
• Skills in F5 BIG-IP (LTM, GTM/DNS, iRules, PBR, DSR, SNAT/No-SNAT)
• Knowledge of Citrix NetScaler
• English proficiency at B2 level or higher

Nice to have

• Background in Terraform, Ansible/AWX and Python
• Familiarity with GitLab CI/CD, GitHub Actions and Azure DevOps Pipelines