Engineering

DV-Cleared Network Security SME

  • Location

    England

  • Sector:

    Defence

  • Job type:

    Contract

  • Salary:

    Up to £0.00 per annum

  • Contact:

    Rami James

  • Contact email:

    r.james@ioassociates.co.uk

  • Job ref:

    BBBH171292_1765553888

  • Startdate:

    ASAP

DV-Cleared Network Security SME - Contract (Freelance) - Start Date: ASAP

  • Job Title: DV-Cleared Network Security SME
  • Location: Hybrid - UK
  • Clearance Required: Active Developed Vetting (DV) - Non-negotiable
  • Rate: DOE
  • Client: Defence
  • Start Date: ASAP

Role Overview: We are instructed on an exclusive, sole-supplier basis to identify an elite DV-cleared Network Security SME for a flagship National Security programme delivering next-generation secure network infrastructure for UK Defence and Intelligence Community end-customers.

Key Responsibilities:

  • Design and implement ultra-high-assurance network architectures (LAN/WAN/SD-WAN) for air-gapped, cross-domain and multi-level security environments.
  • Lead the integration of Zero Trust Network Access (ZTNA), SASE and Software-Defined Perimeter solutions at scale.
  • Architect and harden boundary protection systems (next-gen firewalls, IDS/IPS, web proxies, reverse proxies, data diodes).
  • Define and enforce cryptographic network segmentation using PKI, IPsec, MACsec and quantum-resistant algorithms.
  • Produce HLD/LLD, security operating procedures and As-Built documentation to NCSC/CESG standards.
  • Act as design authority during security accreditation (RMADS, SyOPs, risk balance cases).
  • Mentor and upskill SC-cleared team members and conduct secure design reviews.

Essential Technical Skills & Experience:

  • Current active DV clearance (no lapses, used within last 12 months).
  • 10+ years network security architecture in Defence/Intelligence environments.
  • Expert-level Cisco (CCIE Security or CCDP equivalent) + deep Palo Alto, Fortinet, Juniper SRX/MSeries.
  • Advanced routing/switching (BGP, OSPF, MPLS, EVPN-VXLAN in secure enclaves.
  • Zscaler ZIA/ZPA, Netskope, Menlo Security or equivalent SASE platforms.
  • Illumio, AppGate SDP or Tuffin for micro-segmentation.
  • F5 BIG-IP APM/LTM, Pulse Secure or Cisco Secure Connect for remote access.
  • Experience of CESG IA Notices, JSP 440, JSP 604 and NCSC Good Practice Guides.
  • HMG Crypto Custodian experience highly desirable.

Desirable:

  • Current or recent exposure to Project MORPHEUS, NSoIT(D), DART or Skynet 6
  • NCSC CCP SIRA / Senior SIRA status
  • CHECK Team Leader or CREST CRT
  • TOGAF or SABSA certification

Next Steps:

  • Please send me your latest CV so that we can speak in more detail.

#NetworkSecurity #DVCleared #Defence #Contract #Freelance