Back

MoD-DV Network Security Architect (OutsideIR35) at IO Associates, England, £Contract Rate

Duration not stated

Contract Description

MoD-DV cleared Network Security Architect (Outside IR35)

Contract/Working Pattern

  • Job Title: MoD-DV Network Security Architect
  • Contract: Outside IR35
  • Duration: 12-month contract, rolling extensions
  • Location: UK (hybrid) - split between home working and onsite UK data centres/secure sites (frequency confirmed with the client)
  • Clearance: Active UK MoD DV (current/transferable) required

Role Overview

We're engaging an experienced DV-cleared Network Security Architect to lead the design and assurance of secure network architecture for a UK Defence environment. You'll set architectural direction, define secure patterns/standards, and support delivery teams working across data-centre and hybrid estates.

Key Responsibilities

  • Lead secure network architecture design across on-prem/data-centre and hybrid environments.
  • Produce/own architecture artefacts: HLD/LLD, standards, patterns, reference architectures, as-built documentation.
  • Provide technical governance: design reviews, assurance, risk decisions, exception handling.
  • Define and assure solutions for:
    • secure boundaries/perimeter controls
    • segmentation and zoning (incl. secure enclaves)
    • controlled data flows and restricted connectivity models
    • secure remote access aligned to defence constraints
  • Work closely with network engineers, security teams/SOC, service owners and suppliers to drive designs from concept to implementation.

Essential Skills & Experience

  • Proven Network Security Architecture experience in defence/government/high-assurance environments.
  • Strong understanding of secure network design (defence-in-depth, least privilege, secure boundary principles, Zero Trust concepts).
  • Hands-on architectural capability across:
    • routing/switching (enterprise scale)
    • Firewall architecture (HA, policy design, rulebase strategy)
    • segmentation (zones, VLAN/VRF patterns, restricted service exposure)
    • security controls such as Proxy, IDS/IPS, NAC (as applicable)
  • Strong documentation and stakeholder management skills (able to brief senior technical and non-technical audiences).

Desirable

  • Experience with one or more: Fortinet/Palo Alto/Check Point/Cisco/Juniper.
  • Exposure to SASE/SD-WAN (within constrained/secure environments).
  • Experience supporting accreditation/assurance evidence and security design sign-off.

Next Steps:

  • Please send me your contact information and most recent CV so that we can speak in more detail.

Outside Spy
About Outside Spy

Outside Spy discovers all the Outside IR35 IT contract opportunities for members. 

    Join Now

 

View & Apply Now