IT Network/Security Architect contract

IT Security & Network Engineer/Architect

Role Overview

The IT Security & Network Engineer/Architect acts as the primary interface between the Cyber Security Project Team and the Network Operations function. This role focuses on delivering security-driven network projects and architectural change across a critical 24x7 operational environment.
The position is responsible for the design, planning, analysis, and implementation of strategic security initiatives that strengthen the organisation's overall security posture while ensuring alignment with existing network standards and operational requirements.
The successful candidate will provide third-level technical expertise and architectural leadership throughout full project life cycles, taking ownership of complex network and security solutions from concept through to delivery. This includes producing high-quality technical designs, evaluating solution options, and ensuring successful implementation across enterprise environments.
Working closely with internal and external stakeholders, the role shapes and delivers secure, scalable, and resilient network architectures that meet business objectives, regulatory obligations, and strict service-level, availability, and security requirements.

Key Responsibilities

Technical Leadership & Architecture

Act as Technical Lead for Cyber Security projects delivering network-related security initiatives across critical 24x7 operational networks.
Develop and implement industry-standard, best-practice network designs to ensure scalability, resilience, and security of services.
Provide consultative expertise, strategic thinking, and innovative problem-solving for network and security-related solutions.
Produce high-quality technical documentation, architecture diagrams, and implementation plans.

Enterprise Network & Security Design

Design and implement enterprise data centre networks using ACI fabric design, including tenants, VRFs, bridge domains, and EPGs.
Develop secure network segmentation strategies aligned with zero-trust principles.
Implement high-availability and disaster-recovery strategies for critical applications.
Continuously develop and test failover plans for critical network components and services.

Firewall & Threat Management

Configure and manage Cisco Next-Generation Firewall (NGFW) features including:
Intrusion Prevention System (IPS)
Security Intelligence
Portscan Detection
Encrypted Visibility Engine (EVE)
Perform Firewall life cycle management including:
Software upgrades
Policy optimisation
Health monitoring
Conduct threat management and vulnerability assessments.

Application Delivery & Traffic Management

Design, deploy, and optimise application delivery solutions using Citrix Netscaler, including:
L4-L7 load balancing
Web Application Firewall (WAF)
Content switching
Traffic steering
Collaborate with application teams to ensure secure, resilient, and high-performance traffic flows.

Automation & Operational Excellence

Leverage automation tools (Python, Ansible, REST APIs) to enhance operational efficiency.
Provide network and security performance monitoring to ensure SLAs are met.
Operate, maintain, and secure network services supporting internal and external customers.
Resolve complex technical issues escalated from second-line network support.
Mentor second-line staff to support their professional development and team contribution.
Apply ITIL practices in change management and continual service improvement.

Services Scope

Security-driven network architecture and transformation
Enterprise data centre networking
Firewall life cycle management
Network segmentation and zero-trust implementation
Threat management and vulnerability assessment
High availability and disaster recovery planning
Application delivery optimisation
Network performance monitoring and SLA compliance

Expected Knowledge & Qualifications

Certifications

Cisco Certified Internetwork Expert (CCIE)
Certified Information Systems Security Professional (CISSP)

Technical Expertise

Excellent knowledge of networking protocols and topologies
Security architecture design and implementation
Identity & Access Management (I&AM) and cybersecurity principles

Strong working knowledge of:
TCP/IP
Cisco Firewalls
ACI Networks
LAN, WAN, VPN systems
Network management and administration tools
Threat management and vulnerability assessment
Automation tools (Python, Ansible, REST APIs)
ITIL practices (Change Management & Continual Improvement)

Professional Skills

Excellent communication and stakeholder engagement skills
Strong documentation and technical writing capability
Strategic thinking with consultative delivery approach
Ability to lead complex technical initiatives in mission-critical environments