Network Security Architect

Network Security Architect (Outside IR35)

  • Job Title: MoD-DV Network Security Architect
  • Contract: Outside IR35
  • Duration: 12 months (rolling extensions)
  • Location: UK (hybrid) - split between home working and onsite UK data centres/secure sites (onsite frequency to be confirmed)
  • Clearance: Active, transferable UK MoD DV is mandatory

Role Overview

We're looking for an experienced DV-cleared Network Security Architect to lead the design, assurance, and governance of secure network architecture within a UK Defence environment. You'll set architectural direction, define secure standards and patterns, and support delivery teams across on-prem/data-centre and hybrid estates.

Key Responsibilities

  • Lead secure network architecture design across data-centre/on-prem and hybrid environments.
  • Produce and own architecture deliverables, including:
    • HLD/LLD
    • Standards, patterns, and reference architectures
    • As-built documentation
  • Provide technical governance and assurance, including:
    • Design reviews and technical approval
    • Risk and exception management
    • Architectural decision-making and stakeholder sign-off support
  • Define and assure solutions covering:
    • Secure boundaries/perimeter controls
    • Segmentation and zoning (including secure enclaves)
    • Controlled data flows and restricted connectivity models
    • Secure remote access aligned to Defence constraints
  • Collaborate closely with engineers, security teams/SOC, service owners, and suppliers to drive designs from concept through to implementation.

Essential Skills & Experience

  • Proven experience in Network Security Architecture within Defence/Government/high-assurance environments.
  • Strong understanding of secure network design principles, including:
    • Defence-in-depth
    • Least privilege
    • Secure boundary patterns
    • Zero Trust concepts
  • Hands-on architectural capability across:
    • Enterprise routing and switching
    • Firewall architecture (HA design, policy design, rulebase strategy)
    • Segmentation approaches (zones, VLAN/VRF patterns, restricted service exposure)
    • Security controls such as Proxy, IDS/IPS, NAC (as applicable)
  • Strong documentation and stakeholder skills (able to brief both senior technical and non-technical audiences).

Desirable

  • Experience with one or more of: Fortinet, Palo Alto, Check Point, Cisco, Juniper
  • Exposure to SASE/SD-WAN within constrained/secure environments
  • Experience supporting assurance/accreditation evidence and security design sign-off

Next Steps

If you hold active MoD DV clearance and this aligns with your experience, please send your most recent CV and best contact details so we can arrange a confidential discussion.

Apply Now
Apply Now

Job Details

Company
IO Associates
Location
England, United Kingdom
Hybrid / Remote Options
Employment Type
Contract
Salary
GBP Annual
Posted