MoD-DV Network Security Architect (OutsideIR35)
Posted 4 days ago by IO Associates
Negotiable
Outside
Hybrid
England, UK
Summary: The role of MoD-DV Network Security Architect involves leading the design and assurance of secure network architecture within a UK Defence environment. The position requires an experienced professional with active UK MoD DV clearance to set architectural direction and support delivery teams across hybrid and data-centre environments. The contract is outside IR35 and offers a 12-month duration with potential rolling extensions. The working pattern is hybrid, combining home working with onsite duties at UK data centres and secure sites.
Key Responsibilities:
- Lead secure network architecture design across on-prem/data-centre and hybrid environments.
- Produce/own architecture artefacts: HLD/LLD, standards, patterns, reference architectures, as-built documentation.
- Provide technical governance: design reviews, assurance, risk decisions, exception handling.
- Define and assure solutions for:
- secure boundaries/perimeter controls
- segmentation and zoning (incl. secure enclaves)
- controlled data flows and restricted connectivity models
- secure remote access aligned to defence constraints
- Work closely with network engineers, security teams/SOC, service owners and suppliers to drive designs from concept to implementation.
Key Skills:
- Proven Network Security Architecture experience in defence/government/high-assurance environments.
- Strong understanding of secure network design (defence-in-depth, least privilege, secure boundary principles, Zero Trust concepts).
- Hands-on architectural capability across:
- routing/switching (enterprise scale)
- firewall architecture (HA, policy design, rulebase strategy)
- segmentation (zones, VLAN/VRF patterns, restricted service exposure)
- security controls such as proxy, IDS/IPS, NAC (as applicable)
- Strong documentation and stakeholder management skills (able to brief senior technical and non-technical audiences).
Salary (Rate): Up to £0.00 per annum
City: undetermined
Country: UK
Working Arrangements: hybrid
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
MoD-DV cleared Network Security Architect (Outside IR35)
Contract/Working Pattern
- Job Title: MoD-DV Network Security Architect
- Contract: Outside IR35
- Duration: 12-month contract, rolling extensions
- Location: UK (hybrid) - split between home working and onsite UK data centres/secure sites (frequency confirmed with the client)
- Clearance: Active UK MoD DV (current/transferable) required
Role Overview
We're engaging an experienced DV-cleared Network Security Architect to lead the design and assurance of secure network architecture for a UK Defence environment. You'll set architectural direction, define secure patterns/standards, and support delivery teams working across data-centre and hybrid estates.
Key Responsibilities- Lead secure network architecture design across on-prem/data-centre and hybrid environments.
- Produce/own architecture artefacts: HLD/LLD, standards, patterns, reference architectures, as-built documentation.
- Provide technical governance: design reviews, assurance, risk decisions, exception handling.
- Define and assure solutions for:
- secure boundaries/perimeter controls
- segmentation and zoning (incl. secure enclaves)
- controlled data flows and restricted connectivity models
- secure remote access aligned to defence constraints
- Work closely with network engineers, security teams/SOC, service owners and suppliers to drive designs from concept to implementation.
Essential Skills & Experience
- Proven Network Security Architecture experience in defence/government/high-assurance environments.
- Strong understanding of secure network design (defence-in-depth, least privilege, secure boundary principles, Zero Trust concepts).
- Hands-on architectural capability across:
- routing/switching (enterprise scale)
- firewall architecture (HA, policy design, rulebase strategy)
- segmentation (zones, VLAN/VRF patterns, restricted service exposure)
- security controls such as proxy, IDS/IPS, NAC (as applicable)
- Strong documentation and stakeholder management skills (able to brief senior technical and non-technical audiences).
Desirable
- Experience with one or more: Fortinet/Palo Alto/Check Point/Cisco/Juniper.
- Exposure to SASE/SD-WAN (within constrained/secure environments).
- Experience supporting accreditation/assurance evidence and security design sign-off.
Next Steps:
- Please send me your contact information and most recent CV so that we can speak in more detail.