Principal Network Security Consultant at iO Associates, England, £Contract Rate

Principal Network Security Consultant

Contract Details

• Contract: Outside IR35
• Location: UK (secure data centre / secure site work expected)
• Start / Duration: ASAP
• Rate: DOE

Role summary

We are hiring a Principal Network Security Consultant for an Outside IR35 contract to lead the design and delivery of secure network solutions within UK secure data centre environments. You will operate as a senior technical authority, working with architects, engineers, and stakeholders to deliver resilient, compliant network security outcomes for sensitive programmes.

Clearance requirement (essential)

Applicants must currently hold (or be able to maintain) one of the following clearances:

• eDV
• DV
• MoD-DV
• NATO COSMIC Top Secret (CTS)
• SC
• NPPV3

(UK-based working in secure environments is required.)

Key responsibilities

• Lead the security architecture and technical design of complex network solutions in secure data centres (on-prem / private cloud / hybrid).
• Own end-to-end delivery: HLD/LLD, implementation approach, testing, and handover.
• Provide senior consultancy across:
  • Network segmentation & micro-segmentation
  • Firewall policy design and rulebase rationalisation
  • Secure routing/switching and resilient DC network patterns
  • Remote access and privileged/admin access models
• Lead technical engagement with stakeholders (security, infrastructure, service management, and delivery).
• Support incident response and problem management for network/security events where required (root cause, containment, remediation).
• Produce high-quality technical documentation: HLD/LLD, build guides, as-built packs, and implementation plans.
• Mentor engineers/consultants, set technical direction, and support best practice across delivery teams.

Essential skills & experience

• Proven experience as a senior/lead network security consultant in highly regulated / government / defence environments.
• Strong data centre networking background (design + implementation), including:
  • Routing & switching (BGP, OSPF, VLANs, VRFs, QoS)
  • High availability and resilient design (active/active, active/passive patterns)
• Deep hands-on firewall expertise (one or more):
  • Palo Alto, Fortinet, Check Point, Cisco ASA/FTD
• Experience delivering:
  • Network segmentation, secure enclaves, and controlled inter-zone connectivity
  • Ingress/egress security, north-south / east-west traffic control
  • NAC approaches (e.g., Cisco ISE or equivalents) and secure access controls
• Strong security fundamentals: encryption, Zero Trust principles, secure admin, auditability/logging, and secure change.

Desirable (nice to have)

• SIEM integration experience (e.g., Splunk, Sentinel, ArcSight) for network/security log onboarding.
• Load balancers / ADCs (F5, A10) in secure zones.
• Automation concepts (Ansible/Terraform) for network/security builds (where permitted).
• Certifications such as CCNP/CCIE, PCNSE, CISSP, GIAC, NSE, CCSE.