Veritran1
Mid-Level Network Engineer
Job description
THE ROLE
We are looking for a hands-on Mid-Level Network Engineer to help run and improve the network, firewall, and load-balancing estate that underpins our payment platforms. You will maintain the availability and performance of a multi-site, partner-connected network, troubleshoot incidents end to end, and steadily migrate our network to automated and AI-assisted ways of working.
This is a genuine growth role. We care more about aptitude, curiosity, and a strong automation mindset than about years on a CV or certificates. We welcome engineers early in their network careers who are analytical, methodical, and already using scripting and AI tools to replace repetitive manual work.
You will join a fast-moving ICT Services function running on world-class infrastructure, reporting to the Chief Information Officer. You will collaborate day to day with systems, security, and database colleagues, and act as a point of network expertise for the wider business. The role is on-site in Harare, with travel across ZSS sites and participation in a shared on-call / change-window rota.
WHAT YOU'LL DO
Networks, routing & connectivity
- Operate, monitor, and troubleshoot the multi-site LAN/WAN estate and partner (PWAN/VPN) connectivity.
- Support BGP routing and prepend-driven failover between primary, secondary, and tertiary paths.
- Manage switching, VLANs, IP addressing/IPAM, and DNS (including external DNS on Route 53).
Firewalls & security
- Administer and troubleshoot the firewall estate, including NAT, ACLs, and security zones.
- Help implement segmentation and zero-trust principles appropriate to a PCI-DSS cardholder-data environment.
- Work with the security function on monitoring, root-cause analysis, and incident response.
Load balancing & service publishing
- Configure and maintain load balancers and reverse proxies that publish internal services to partners and customers.
- Keep service-publishing flows healthy, observable, and well documented.
Operations, monitoring & documentation
- Own business-as-usual tasks, planned changes, and escalated incidents under an ITIL-aligned process.
- Use monitoring and analytics tooling to track utilisation, capacity, and emerging risks.
- Keep network documentation accurate and evidence-based.
AI-AWARE & AUTOMATION MINDSET
- Use AI as a daily working tool - to draft and review configurations, scripts, processes and SOP documentation, accelerate troubleshooting, interrogate documentation, and generate clear write-ups.
- Default to automation: Reach for scripts, APIs, and infrastructure-as-code (Python, Bash, Ansible) rather than repeating manual GUI work, and use AI to help write, test, and review that automation.
- Apply judgement: Treat AI as an accelerator, not an authority, and verify what it produces in a regulated, change-controlled environment.
You do not need to be an AI specialist. You do need to be genuinely curious about these tools and already using them to work more effectively.
Essential
- 2–4 years hands-on experience in networking or infrastructure (we weight aptitude and automation mindset over raw tenure).
- CCNA certification (or equivalent demonstrating solid networking fundamentals).
- Strong TCP/IP fundamentals: Routing (esp. BGP + OSPF), switching, VLANs, NAT, DNS, DHCP, VXLAN/EVPN.
- Practical firewall experience (Cisco, SonicWall, Fortinet, Palo Alto, or similar).
- Working knowledge of load balancers / reverse proxies (HAProxy, NGINX, NetScaler, F5, or similar).
- Some scripting / automation ability (Python, Bash, Ansible, or comparable) - or clear evidence you are building it.
- Comfortable using AI assistants in your workflow.
- Strong analytical and troubleshooting skills, attention to detail, and clear written communication.
- Willingness to work on-site, travel between sites, and take part in an on-call / change-window rota.
Desirable
- Exposure to banking, payments, fintech, or another PCI-DSS / regulated environment.
- Previous experience managing network infrastructure on AWS and Azure environments.
- Familiarity with BGP and multi-site WAN / partner connectivity.
- Vendor or security certifications.
- Experience with infrastructure-as-code, monitoring/observability stacks, or SIEM.
- Awareness of zero-trust networking and AI/ML-driven detection in modern security tooling.
- Familiarity with security frameworks such as PCI-DSS and NIST SP 800.
- Employment type: Permanent, full-time.
- Location: On-site, Harare, Zimbabwe, with travel across ZSS sites.
- Reports to: Chief Information Officer.
- Package: Competitive, commensurate with experience. Highly competitive remuneration and benefits, with excellent opportunities to progress.


