VP, Network Engineering

About The Position

Requirements

• 10+ years of progressive technical experience including 5+ years in cloud infrastructure or platform engineering leadership; Bachelor's degree in Computer Science, Engineering, or a related discipline (or equivalent work experience)
• 5+ years of hands-on production AWS at scale in a multi-account landing zone, with 4+ years of authoring production Terraform in a private module ecosystem delivered through Terraform Cloud and GitHub Actions
• 5+ years experience as a direct people manager of engineering teams of 5+ engineers, including hiring, performance management, compensation, and difficult personnel decisions
• 5+ years experience leading and personally participating in 24x7 production on-call rotations in a fast-paced, security-conscious, regulated environment (financial services strongly preferred)
• 10+ years experience running BGP for hybrid cloud-to-on-premises connectivity over Direct Connect and Site-to-Site VPN (eBGP/iBGP, route propagation, BGP communities, AS-path policy, route filtering); BGP fluency is required given LPL's hybrid network architecture
• Strong partnership instincts with Security & Governance and the enterprise Information Security organization — operates as one team, not as a handoff
• Translates compliance requirements into pragmatic, automated, code-reviewed controls — every network change is a code change
• Player-coach who is comfortable in code reviews, architecture sessions, and people 1:1s in the same day
• Continuous learner, especially in cloud-native, IaC, platform engineering, and applied AI
• Sets vision and translates ambiguous strategy into executable engineering roadmaps
• Bias for self-service, automation, and reducing toil for downstream internal customers
• Builds high-trust relationships across the US and India organization and across functions (Architecture, Security, FinOps, Application Engineering, Network, Audit)
• Calm, decisive incident commander; fosters a strong post-incident learning culture
• Excellent written and verbal communication, executive presence, and ability to influence without direct authority
• Thrives in matrixed, fast-paced, regulated environments with imperfect information

Nice To Haves

• Experience with zero-trust architecture, ZScaler, Netskope, or comparable solutions
• Experience with on-premises data-center networking (Cisco, Arista) for hybrid scenarios and cloud-to-DC connectivity
• Cisco networking certifications: CCNA, CCNP Enterprise, or CCIE (Enterprise Infrastructure or Service Provider)
• AWS Certified Advanced Networking - Specialty
• AWS Certified Security - Specialty
• Solid command of additional routing and connectivity fundamentals: OSPF, IPSec, TLS, DNS, and certificate management
• Master's degree in Computer Science, Engineering, or MBA
• Experience building, scaling, or leading globally distributed engineering teams across the US and India / GCC
• Experience integrating agentic AI / GenAI tooling (Cursor, Claude Code, Copilot, Bedrock, MCP) into platform, IaC, and engineering practice
• Strong scripting / programming proficiency in Python, Bash, or PowerShell
• AWS Solutions Architect - Professional
• AWS Certified Generative AI Developer - Associate
• HashiCorp Certified: Terraform Associate (004) or Authoring & Operations
• Open-source contributions, public technical writing, or conference speaking on cloud, IaC, or platform engineering topics
• Experience with FinOps practices and cloud cost management at scale

Responsibilities

• Lead the Network Engineering pod within the Foundations team in CCOE: own AWS network architecture, implementation, and operations across LPL's multi-account landing zone
• Design, build, and operate Transit Gateway, VPCs, PrivateLink and private endpoints, hybrid connectivity over Direct Connect and Site-to-Site VPN with BGP-driven routing, edge services, network firewalls (AWS Network Firewall, Palo Alto, etc.), DNS (Route 53, Infoblox), and certificate management (ACM, ACM PCA)
• Partner deeply and continuously with the VP, Security & Governance to design, automate, and enforce network-layer security controls: segmentation and micro-segmentation, encryption in transit, ingress/egress inspection, WAF, Shield, GuardDuty, and network-detective controls
• Co-own and continuously harden the multi-account landing zone in partnership with the Security & Governance, FinOps, Monitoring, and Functional Design Engineering & Strategy pods (within Foundations) and the Platforms and Containers teams — delivering a secure-by-default network fabric
• Translate regulatory requirements (FINRA, SEC, PCI, SOX) into network and connectivity controls; partner with Security & Governance, the enterprise Information Security organization, and Internal Audit on evidence collection, attestation, and audit response
• Build and maintain the Terraform code that defines LPL's foundational network layer — VPCs, Transit Gateway, route tables, security groups, network firewalls, PrivateLink, DNS, and edge services — deployed through Account Factory for Terraform (AFT) at the foundational base layer, distinct from the private module library that application teams consume for self-service
• Drive the network strategy for new patterns: zero trust, PrivateLink, private endpoints, IPv6, and service-mesh integration
• Embed agentic AI capabilities into the team's engineering practice (e.g., Cursor, Claude Code, Bedrock, MCP servers, agentic IaC and review workflows) and into the platform's self-service experience for internal customers
• Embed agentic AI capabilities into network operations: automated change-impact analysis, network policy generation from intent, AI-assisted incident triage, and conversational self-service for common network change requests
• Recruit, develop, mentor, and retain a globally distributed team of senior cloud engineers across LPL's US offices and India Global Capability Center (GCC)
• Own all people-management responsibilities for the pod including hiring, onboarding, weekly 1:1s, performance management, compensation planning, career development, and certification-path execution per the CCOE certification matrix
• Operate as a player-coach: spend meaningful time hands-on in Terraform code, design reviews, peer reviews, and incident response while leading people and delivery
• Lead and personally participate in 24x7 on-call rotations as senior incident commander and technical escalation point for the pod
• Partner with peer VPs across the Cloud Center of Excellence — the leaders of the five CCOE teams (Foundations, Platforms, Containers, Support, Delivery) and the leaders of the pods within Foundations (Security & Governance, FinOps, Functional Design Engineering & Strategy, Network Engineering, Monitoring) — to align roadmaps and remove cross-team and cross-pod blockers
• Champion AWS Well-Architected Framework adoption across all six pillars and drive continuous improvement against operational, security, reliability, performance, cost, and sustainability outcomes
• Participate in Agile/Scrum ceremonies (sprint planning, standups, backlog grooming, retrospectives) and partner with the RTE and PMO on delivery commitments and dependencies
• Represent the pod in executive forums, architecture review boards, internal audit, and customer engagements; communicate technical risk and trade-offs to non-technical executives

Benefits

• 401K matching
• health benefits
• employee stock options
• paid time off
• volunteer time off