Lead System and Infrastructure Engineer

Lead System and Infrastructure Engineer 

1. Infrastructure Strategy & Leadership

• Lead the design and evolution of enterprise infrastructure architecture across datacenter and hybrid cloud environments.  

• Define standards, best practices, and governance for network, server, and security infrastructure.  

• Manage and mentor the infrastructure team, ensuring skill development, accountability, and high performance.  

• Collaborate with security, application, and DevOps teams to align infrastructure with business and regulatory requirements.  

• Own capacity planning, lifecycle management, and technology roadmap for infrastructure systems.  

2. Network Design & Operations

• Architect, deploy, and maintain enterprise-grade network infrastructure including switches, routers, firewalls, and load balancers.  

• Ensure highly available network design with redundancy, failover mechanisms, and elimination of single points of failure.  

• Oversee configuration and management of VLANs, trunking, spanning tree, and inter-VLAN routing.  

• Manage routing protocols including BGP, OSPF, and static routing with strict change control processes.  

• Lead implementation and operations of SD-WAN/MPLS connectivity for multi-site environments.  

• Ensure continuous monitoring of network health, performance, and utilization with proactive issue resolution.  

• Maintain up-to-date network topology, documentation, and audit readiness.  

3. Firewall, Security & Access Control

• Own configuration and management of next-generation firewalls (e.g., Fortinet, Palo Alto, pfSense).  

• Enforce least privilege access through firewall policies, ACLs, and segmentation strategies.  

• Design and implement secure network segmentation (DMZ, zone-based, micro-segmentation).  

• Oversee VPN infrastructure (IPSec, SSL/TLS) with MFA enforcement for secure connectivity.  

• Manage IDS/IPS systems, including tuning and incident response integration.  

• Conduct periodic firewall and access rule reviews to ensure compliance and risk reduction.  

• Partner with security teams on vulnerability assessments, penetration testing, and remediation.  

4. Server & Compute Infrastructure

• Oversee deployment and management of physical and virtual infrastructure (VMware, Nutanix, AWS).  

• Manage server lifecycle including provisioning, hardening, patching, and decommissioning.  

• Ensure high availability through clustering, failover, and workload resilience strategies.  

• Manage storage infrastructure (SAN, NAS, object storage) with robust backup and snapshot policies.  

• Oversee core infrastructure services including DNS, DHCP, IPAM, and NTP.  

• Support infrastructure requirements for Kubernetes and containerized workloads.  

• Maintain accurate hardware inventory, rack layouts, and infrastructure documentation.  

5. Monitoring, Incident Response & Reliability

• Own infrastructure monitoring strategy using tools such as Zabbix, Nagios, PRTG, or equivalent.  

• Define alerting thresholds, escalation paths, and reduce alert fatigue through optimization.  

• Lead incident response for critical (Sev1/Sev2) outages, including root cause analysis and resolution.  

• Perform deep technical troubleshooting including packet analysis (Wireshark, tcpdump).  

• Ensure disaster recovery planning, testing, and compliance with defined RTO/RPO objectives.  

• Drive post-incident reviews and continuous improvement initiatives.  

6. Automation, Compliance & Governance

• Promote Infrastructure-as-Code (Terraform, Ansible) for scalable and consistent deployments.  

• Ensure all infrastructure changes follow documented change management processes.  

• Align infrastructure with regulatory and compliance requirements (e.g., security, availability, auditability).  

• Maintain audit-ready documentation, configurations, and access controls.  

• Drive standardization and automation to reduce manual effort and operational risk.  

Key Expectations 

• Ensure high availability, security, and scalability of all infrastructure systems.  

• Build a resilient, well-documented environment that can operate independently of individuals.  

• Drive proactive monitoring, automation, and continuous improvement.  

• Maintain audit compliance and operational excellence across all infrastructure domains. 

Please send your CV at vacancy@khalti.com

Khalti खाता छैन?  

Download now For more updates about Khalti’s campaign, events, services, and offer, you can also follow us on our official Facebook page, Youtube, Twitter, Viber, Linkedin, and Instagram.