Find JobsSalary EstimateCareer AdviceUpload ResumeEmployers / Post JobProfileMessage Center

Azure Network Cloud Engineer

First Horizon Bank

Memphis, TN

Apply
JOB DETAILS
SKILLS
ARM (Advanced RISC Machine), BGP, Banking Services, Best Practices, Brokerage, Capacity and Performance Management, Capital Markets, Cloud Architecture, Cloud Computing, Commercial Banking, Cost Analysis, Cost Control, DNS (Domain Name System), DNS Name Resolution, Denial of Service (DoS), DevOps, Financial Services, Firewall Administration, Firewalls, Fixed Income Investments, High Availability, Hubs, Hybrid Cloud, IP (Internet Protocol), Identify Issues, Incident Response, Intrusion Prevention Systems, Load Balancing, Maintain Compliance, Microsoft Product Family, Microsoft Windows Azure, Mortgage, NAT (Network Address Translation), Network Administration/Management, Network Architecture/Engineering, Network Configuration Management, Network Design, Network Monitoring, Network Performance/Analysis, Network Routing, Network Security, Open Shortest Path First Protocol (OSPF), Packet Flows, Performance Management, Performance Tuning/Optimization, Platform as a Service (PaaS), Private Banking, Private Security, Python Programming/Scripting Language, Regulatory Compliance, Retail, Routing Protocols, Scripting (Scripting Languages), Security Architecture, Security Compliance, Small Business, Software Engineering, Stock Keeping Unit (SKU), Subnet, Subnetting, TCP/IP (Transmission Control Protocol/Internet Protocol), Testing, VPN (Virtual Private Network), Virtual System Managers, Wealth Management, Wide Area Network (WAN), Windows PowerShell
LOCATION
Memphis, TN
POSTED
Today
No sponsorship will be provided for this role.

Location: Onsite in Memphis, TN; Maryville, TN; Birmingham, AL; Lafayette, LA; New Orleans, LA; Dallas, TX; Charlotte, NC; or Raleigh, NC

Weekly Schedule: Monday-Friday, 8am-5pm

We are seeking an experienced Azure Networking Engineer to design, implement, optimize, and maintain enterprise-grade networking solutions within Microsoft Azure. This role focuses heavily on advanced routing, hybrid connectivity, security, private access, and traffic management using Azure's core networking services. The ideal candidate will ensure high performance, scalability, resiliency, low latency, and strong security posture for cloud workloads, hybrid environments, and mission-critical applications.

You will collaborate closely with cloud architects, security teams, DevOps engineers, and application teams to deliver robust, production-ready network infrastructures aligned with best practices and organizational requirements.

Key Responsibilities

- Design and implement complex Azure virtual network architectures, including hub-and-spoke models, virtual network peering, and user-defined routes (UDRs) for custom routing scenarios

- Configure and manage routing solutions, including route tables, BGP propagation, route servers (where applicable), and effective route troubleshooting

- Design, deploy, and maintain Azure ExpressRoute circuits - including private and Microsoft peering, ExpressRoute Direct, circuit SKUs/tiers, gateway configurations, and connectivity troubleshooting

- Implement and administer Virtual Network Gateways (VPN Gateways) for site-to-site, point-to-site, and VNet-to-VNet connectivity, including high-availability configurations and policy-based vs. route-based VPNs

- Deploy and manage Azure Virtual WAN (vWAN) deployments, including hub creation, virtual hub routing, secured hubs with Azure Firewall integration, and branch connectivity (VPN/ExpressRoute)

- Configure Azure Firewall (including Firewall Manager, policy rules, DNAT, application rules, network rules, threat intelligence, and IDPS) for centralized network security

- Implement Private Endpoints and Azure Private Link to enable secure, private access to PaaS services without public internet exposure

- Design and manage Azure Private DNS Resolver (inbound/outbound endpoints) for hybrid and multi-VNet DNS resolution scenarios, including conditional forwarding and custom DNS forwarding rules

Configure and optimize load balancing solutions:

- Azure Load Balancer (Basic/Standard, internal/external, high-availability ports, backend pools, health probes)

- Azure Application Gateway (v1/v2, WAF-enabled, URL-based routing, SSL termination, multi-site hosting, autoscaling)

- Deploy and manage NAT Gateways for scalable outbound internet connectivity with static public IPs, zone redundancy, and subnet associations

- Implement and maintain other key Azure networking components, including Network Security Groups (NSGs), Azure DDoS Protection, Azure Front Door (where relevant), Traffic Manager, and Network Watcher for monitoring and diagnostics

- Perform network performance tuning, latency optimization, cost analysis, and capacity planning for networking resources

- Troubleshoot complex connectivity, routing, and security issues using tools such as Azure Network Watcher, NSG flow logs, packet capture, IP flow verify, VPN diagnostics, and ExpressRoute monitoring

- Ensure compliance with security standards, least-privilege access, and zero-trust principles in all network designs

- Document network designs, configurations, runbooks, and incident response procedures

Required Qualifications & Skills

- 4+ years of hands-on experience designing and managing enterprise Azure networking environments

- Deep expertise in the following Azure networking services:

- Virtual Networks, Subnetting, Peering, UDRs

- ExpressRoute (circuits, gateways, private/Microsoft peering)

- Virtual Network Gateways (VPN, high-availability)

- Azure Virtual WAN (vWAN)

- Azure Firewall & Firewall Manager

- Private Endpoints & Private Link

- Azure Private DNS Resolver

- Load Balancer (Standard SKU preferred)

- Application Gateway (v2 preferred, with WAF)

- NAT Gateway

- Strong understanding of networking fundamentals: TCP/IP, BGP, OSPF (if applicable), subnetting, routing protocols, DNS, firewalls, NAT, load balancing (L3/L4 vs L7)

- Experience with hybrid connectivity scenarios (on-premises to Azure integration)

- Proficiency with Azure management tools: Azure Portal, Azure CLI, PowerShell, ARM/Bicep templates, Terraform (preferred)

- Familiarity with monitoring and logging: Azure Monitor, Network Watcher, Log Analytics, NSG flow logs

- Microsoft Certified: Azure Network Engineer Associate (AZ-700) certification strongly preferred (or willingness to obtain within 6 months)

Preferred Qualifications

- Experience with Azure Virtual Network Manager for large-scale VNet governance

- Knowledge of Azure Route Server, Azure Bastion, or DDoS Protection Standard

- Exposure to SD-WAN integrations with Azure Virtual WAN

- Scripting/automation experience (PowerShell, Python, or similar) for networking tasks

- Understanding of zero-trust networking and modern security practices

About Us

First Horizon Corporation is a leading regional financial services company, dedicated to helping our clients, communities and associates unlock their full potential with capital and counsel. Headquartered in Memphis, TN, the banking subsidiary First Horizon Bank operates in 12 states across the southern U.S. The Company and its subsidiaries offer commercial, private banking, consumer, small business, wealth and trust management, retail brokerage, capital markets, fixed income, and mortgage banking services. First Horizon has been recognized as one of the nation's best employers by Fortune and Forbes magazines and a Top 10 Most Reputable U.S. Bank. More information is available at www.FirstHorizon.com .

Benefit Highlights

• Medical with wellness incentives, dental, and vision

• HSA with company match

• Maternity and parental leave

• Tuition reimbursement

• Mentor program

• 401(k) with 6% match

• More -- FirstHorizon.com/First-Horizon-National-Corporation/Careers/Our-Benefits

Follow Us

Facebook

X formerly Twitter

LinkedIn

Instagram

YouTube

About the Company

F

First Horizon Bank