OT Network Security Architect / SME

Coventry
Temporary
Full-time

4 days ago

OT Network Security Architect / SMEOur client, a leading global supplier for IT services, requires an experienced OT Network Security Architect / SME to be based at their client’s office in Coventry, UK.This is a hybrid role – you can work remotely in the UK and attend the Coventry office 2-3 days per week .This is a 6+ month temporary contract to start asapDay rate: Competitive Market rateThis role is dedicated to supporting OT Zero Trust delivery programmes by designing secure, scalable network and security solutions across on-premises, hybrid, and multi-cloud environments. The role will involve both strategy and hands-on architectural governance, supporting Operational Technology (OT) network initiatives.Key Responsibilities:Network Architecture Design & Implementation:

Update and modernise OT site network architecture, including the removal of unmanaged switches
Develop and maintain up-to-date site network drawings
Assess technology hosting capability across updated network environments
Select and design network segmentation tools and deploy them across relevant sites
Map existing networks and data flows to inform segmentation and security strategies
Define protect surfaces for critical assets within the OT network
Design and govern the rollout of OT Next-Generation Firewalls, including selection, trials, and phased implementation
Implement DNS security enhancements across the organisation

Access Control & Zero Trust Security:

Select, trial, and implement Operational Technology (OT) Network Access Control tools
Lead phased rollouts of Network Access Control, including integration with updated site networks
Write strategic decision papers on Secure Service Edge (SSE) for leadership review and approval
Select, design, and deploy Zero Trust Network Access (ZTNA) and Remote Browser Isolation (RBI) capabilities
Oversee ZTNA implementation specifically for VPN access scenarios

Security Monitoring & Telemetry:

Oversee Claroty Phase 2 rollout, including deployment of new telemetry sensors at Critical National Infrastructure (CNI) OT sites
Ensure telemetry solutions align with architectural governance standards and Zero Trust Architecture

Architectural Governance & Strategy:

Produce High-Level Designs (HLDs) and Low-Level Designs (LLDs) aligning with business and security requirements.
Provide solution costing and budget estimates
Present and defend designs to governance bodies (e.g., Design Authority)
Provide architectural governance and assurance throughout delivery phases
Act as a subject matter expert and advisor to internal delivery teams

Key Requirements:

Proven experience in enterprise and OT network architecture
Expertise in hybrid cloud environments and multi-cloud network design
Experience with network segmentation strategies and tools
Strong background in Next-Generation Firewall (NGFW) design and implementation
Experience designing and deploying NAC and ZTNA solutions
Familiarity with Secure Service Edge (SSE) and Remote Browser Isolation (RBI) concepts
Understanding of DNS security best practices
Knowledge of telemetry and security monitoring tools, including solutions like Claroty
Experience with architectural governance processes

Desirable:

CCNP, CCIE, CISSP
Extensive experience on Palo Alto, FortiGate or Checkpoint firewalls
Knowledge of NIS-R framework and Zero Trust
Familiarity with Water/ Utilities sector and Critical National Infrastructure
Understanding of Purdue Model and typical OT systems such as PLC/ HMI/ SCADA

Due to the volume of applications received, unfortunately we cannot respond to everyoneIf you do not hear back from us within 7 days of sending your application, please assume that you have not been successful on this occasion.Please do keep an eye on our website for future roles.

Project Recruit

Apply Now