Network Security SME

Network Security SME – Contract Opportunity

• Job Title: Network Security SME
• Start Date: ASAP (subject to DV transfer/confirmation)
• Contract Type: Contract/Interim
• Duration: 12 months, likely extension
• Day Rate: DOE
• Location: Classified UK Defence Sites
• Clearance Requirement: Active UK Developed Vetting (DV) Clearance is essential

Overview

A leading UK Defence organisation is seeking an experienced DV-cleared Network Security Subject Matter Expert (SME) to join a highly classified programme supporting mission-critical systems for UK national security.

You will play a key role in designing, hardening and assuring secure network architectures across multiple secure domains, ensuring compliance with security standards, and working closely with security architects, infrastructure engineers and cyber operations teams in a secure environment.

Key Responsibilities

• Network Security Design & Architecture

  • Design and review secure network architectures across multiple security domains, including cross‑domain solutions and enclave segmentation.
  • Define and implement network zoning, segregation and boundary controls (firewalls, gateways, proxies, network access control).
  • Work closely with Security Architects to ensure alignment with security patterns and accreditation requirements.

• Security Engineering & Hardening

  • Configure and harden network security technologies (e.g. firewalls, VPNs, IDS/IPS, secure routing/switching, load balancers).
  • Lead the implementation of zero‑trust principles, least privilege and secure remote access mechanisms in a classified context.
  • Review and enhance security of campus, data centre and cloud-connected networks as applicable to the project.

• Assurance, Risk & Compliance

  • Provide subject matter input into RMADS/Security Cases and support the accreditation process.
  • Map controls to relevant standards and frameworks.
  • Conduct and support technical risk assessments, design reviews and security impact assessments on new and changed services.

• Operations & Incident Support

  • Act as the primary network security escalation point for the programme, supporting the SOC and incident response teams.
  • Assist in root-cause analysis for security incidents affecting network infrastructure and propose remediation actions.
  • Provide oversight of security monitoring use cases and logging for network devices and security appliances.

• Stakeholder Engagement & Leadership

  • Advise senior technical and non-technical stakeholders on network security options, risks and trade-offs.
  • Mentor and guide network and infrastructure engineers in secure configuration and best practice.
  • Contribute to roadmaps, standards and design patterns to uplift network security maturity across the programme.

Essential Experience & Skills

• Current, active DV clearance with recent experience working on classified UK Government or Defence programmes.
• Strong background as a Network Security Engineer / Network Architect / SME in complex, secure environments.
• Hands-on experience with a range of network and security technologies, for example:
  • Enterprise firewalls (e.g. Palo Alto, Check Point, Cisco, Fortinet)
  • Routers and switches (e.g. Cisco, Juniper, Arista)
  • VPNs, secure remote access and SSL/TLS
  • IDS/IPS, web proxies, load balancers, network access control (NAC)
• Demonstrable experience designing or securing networks aligned to NCSC standards and patterns.
• Strong understanding of:
  • Network protocols (TCP/IP, DNS, DHCP, BGP, OSPF, MPLS, etc.)
  • Network segmentation, micro‑segmentation and zero‑trust concepts
  • Secure connectivity between on‑premises, private cloud and/or public cloud environments
• Proven ability to translate complex technical risks into clear, actionable recommendations for stakeholders.
• Excellent communication skills and the ability to operate in a multidisciplinary, highly secure environment.

Desirable Experience

• Prior experience on defence primes or national security programmes.
• Familiarity with:
  • NCSC guidance, CESG IA principles, JSP and Defence-specific policies
  • SIEM/SOC environments and network security monitoring/use case development
  • Infrastructure‑as‑Code / automation for network configuration (e.g. Ansible)
• Relevant certifications such as CISSP, CCNP Security, CCIE, PCNSE, CISM, GIAC (or equivalent).
• Experience contributing to accreditation evidence, including RMADS, security cases and design documentation.

Personal Attributes

• Discreet, trustworthy and comfortable working with highly sensitive information.
• Proactive, delivery‑focused and able to work under pressure in a mission‑critical environment.
• Collaborative mindset with the ability to build strong relationships across security, infrastructure, operations and project teams.
• Strong analytical and problem‑solving skills with a pragmatic, risk‑based approach to security.

How to Apply

• If interested, please send me your most recent CV and contact information so that we can speak in more detail about the opportunity.