Network Security Engineer – Remote Role – 3 to 6 Month Initial Contract

Role Overview
We are seeking a highly proficient Network Security Engineer with extensive hands-on implementation experience. This is a practical, technical role requiring direct involvement in configuration, deployment, troubleshooting, and optimisation of secure network environments. The ideal candidate will possess in-depth knowledge of Layer 2 and Layer 3 networking, security controls, operational technology (OT) environments, and network segmentation, with a proven track record of delivering secure solutions within enterprise or industrial settings.

Key Responsibilities
Network Engineering & Implementation

• Configure and deploy network and security solutions with a hands-on approach.
• Develop and maintain network automation scripts using Python, Ansible, or similar tools.
• Implement Low-Level Designs (LLD) based on approved High-Level Designs (HLD).
• Optimise and configure Layer 2 and Layer 3 network services.
• Apply secure network segmentation strategies across enterprise and OT environments.
• Deploy and manage SD-WAN, MPLS, and hybrid connectivity solutions.
• Configure routing protocols, VLANs, trunking, inter-VLAN routing, and redundancy mechanisms.

Network Security & Access Control

• Design and implement Access Control Lists (ACLs) on routers, switches, and firewalls.
• Configure and manage Private VLANs (PVLANs) to ensure traffic isolation.
• Develop firewall policies, NAT rules, zone-based security, and optimise rule sets.
• Support identity-based network access controls and integrate with IAM platforms.
• Enforce least-privilege access models across enterprise and OT networks.
• Conduct network hardening aligned with security best practises.

Network & Application Discovery

• Perform network discovery and asset identification.
• Map application dependencies and analyse traffic flows.
• Support segmentation initiatives using discovery insights.
• Analyse packet captures and resolve connectivity or security issues.
• Identify legacy protocols and undocumented communication flows.

OT & Industrial Network Security

• Demonstrate knowledge of OT/ICS protocols such as Modbus, DNP3, and OPC.
• Support secure segmentation between IT and OT networks.
• Implement security controls aligned with ISA/IEC 62443 standards.
• Collaborate with operational teams to minimise disruption during security changes.

Required Technical Skills

• Comprehensive knowledge of Layer 2 and Layer 3 networking.
• Advanced ACL configuration on Cisco or equivalent platforms.
• Experience implementing Private VLANs (PVLANs).
• Firewall configuration including policy creation, NAT, and inspection rules.
• Deployment and operational support of SD-WAN technologies.
• Expertise in MPLS networking.
• Proficiency with network discovery and traffic analysis tools.
• Application discovery and traffic flow mapping skills.
• Integration experience with Identity & Access Management (NAC, 802.1X, identity-based policies).
• Packet analysis using Wireshark or similar tools.
• Familiarity with routing protocols such as OSPF, BGP, and EIGRP.

Desirable Experience

• Exposure to OT/ICS network environments.
• Experience with network segmentation programmes.
• Understanding of Zero Trust architecture principles.
• Hands-on experience with Cisco, Palo Alto, Fortinet, or equivalent technologies.
• Infrastructure automation using Ansible, Python, or similar.
• Experience in regulated or critical infrastructure sectors.

Soft Skills

• Strong analytical and troubleshooting abilities.
• Ability to work autonomously and implement changes safely.
• Clear and concise technical documentation skills.
• Effective communication with diverse stakeholders.
• Detail-oriented with a strong security focus.

Qualifications

• Relevant professional certifications such as:

• CCNP / CCIE

• PCNSE / NSE4+