Enable job alerts via email!
DV-Cleared Network Security SME
iO Associates
England
Hybrid
GBP 80,000 - 100,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading cybersecurity consultancy is seeking a DV-Cleared Network Security SME for a contract role in the UK. Candidates should have a minimum of 10 years of experience in network security architecture and possess current, active DV clearance. The role involves designing and implementing secure network infrastructures for national security programs. Key skills include expertise in advanced Cisco technologies and Zero Trust Solutions. This position is hybrid, offering flexibility to work from home and the client site.
Qualifications
- 10+ years of experience in network security architecture within Defence/Intelligence.
- Current active DV clearance with no lapses in the last 12 months.
- Expertise in Cisco technologies, specifically CCIE Security or CCDP.
Responsibilities
- Design ultra-high-assurance network architectures for various security environments.
- Lead integration of Zero Trust Network Access solutions.
- Architect and harden boundary protection systems.
Skills
DV-Cleared Network Security SME - Contract (Freelance) - Start Date: ASAP
- Job Title: DV-Cleared Network Security SME
- Location: Hybrid - UK
- Clearance Required: Active Developed Vetting (DV) - Non-negotiable
- Rate: DOE
- Client: Defence
- Start Date: ASAP
We are instructed on an exclusive, sole-supplier basis to identify an elite DV-cleared Network Security SME for a flagship National Security programme delivering next-generation secure network infrastructure for UK Defence and Intelligence Community end-customers.
- Design and implement ultra-high-assurance network architectures (LAN/WAN/SD-WAN) for air-gapped, cross-domain and multi-level security environments.
- Lead the integration of Zero Trust Network Access (ZTNA), SASE and Software-Defined Perimeter solutions at scale.
- Architect and harden boundary protection systems (next-gen firewalls, IDS/IPS, web proxies, reverse proxies, data diodes).
- Define and enforce cryptographic network segmentation using PKI, IPsec, MACsec and quantum-resistant algorithms.
- Produce HLD/LLD, security operating procedures and As-Built documentation to NCSC/CESG standards.
- Act as design authority during security accreditation (RMADS, SyOPs, risk balance cases).
- Mentor and upskill SC-cleared team members and conduct secure design reviews.
- Current active DV clearance (no lapses, used within last 12 months).
- 10+ years network security architecture in Defence/Intelligence environments.
- Expert-level Cisco (CCIE Security or CCDP equivalent) + deep Palo Alto, Fortinet, Juniper SRX/MSeries.
- Advanced routing/switching (BGP, OSPF, MPLS, EVPN-VXLAN in secure enclaves.
- Zscaler ZIA/ZPA, Netskope, Menlo Security or equivalent SASE platforms.
- Illumio, AppGate SDP or Tuffin for micro-segmentation.
- F5 BIG-IP APM/LTM, Pulse Secure or Cisco Secure Connect for remote access.
- Experience of CESG IA Notices, JSP 440, JSP 604 and NCSC Good Practice Guides.
- HMG Crypto Custodian experience highly desirable.
- Current or recent exposure to Project MORPHEUS, NSoIT(D), DART or Skynet 6
- NCSC CCP SIRA / Senior SIRA status
- CHECK Team Leader or CREST CRT
- TOGAF or SABSA certification
- Please send me your latest CV so that we can speak in more detail.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
