17 Security Architecture jobs in London

Network Security Engineer - SC Cleared (or Eligible) - £550 per day - Inside IR35 - Remote - 12 Months initial contract

We are currently working with a leading client in the zero carbon energy sector who are looking to bring on board an experienced Security Engineer to join their security implementation and engineering delivery team.

This is a fantastic opportunity to work on large-scale, business-critical projects in a highly regulated environment.

The Role - 

As part of the security engineering team, you'll be:

• Delivering on the security portfolio, with a focus on SASE and firewall estates.
• Working within a SAFe Agile framework, participating in sprints and stand-ups.
• Managing and tracking workloads via Jira.
• Triaging customer requirements into actionable deliverables.
• Acting as an escalation engineer for the Security Support Team.
• Supporting and mentoring junior engineers.
• Producing documentation and knowledge base material, as well as delivering knowledge transfer sessions.
• Occasionally supporting out-of-hours work.

Technical Skills We're Looking For -

My client is looking for demonstrable experience in as many of the following as possible:

• Enterprise firewalls: Palo Alto (PAN) & Fortinet.
• Management platforms: Panorama, SCM, FortiManager, FortiAnalyzer.
• SASE products/services.
• Load balancers & application delivery - primarily F5.
• Vulnerability & exposure management (e.g. Tenable).
• Email security gateways and hygiene solutions (Mimecast).
• Network routing, switching, access policy administration.
• AWS and Azure security knowledge.
• Documentation: HLDs, LLDs, Security Designs, Risk Assessments, Network Diagrams.

Soft Skills & Background

• Strong stakeholder management and customer-facing skills.
• Ability to work independently and as part of a collaborative team.
• Agile/SAFe delivery experience.
• Background in security operations, compliance, risk, or governance.
• Experience working with an MSSP - desirable.
• Exposure to highly regulated industries - Financial Services experience a strong plus.

Clearance

• SC Clearance (or eligibility to obtain) is required for this role.
• Candidates with current active SC will be prioritised.

Why Apply?

This is an excellent chance to join a forward-thinking organisation investing heavily in their security landscape. You'll be working on enterprise-grade solutions, contributing to critical infrastructure, and expanding your skillset across cloud, network, and security domains.

• Design, implement, and manage network security infrastructure, including firewalls, VPNs, intrusion detection/prevention systems (IDPS), and web application firewalls (WAFs).
• Monitor network traffic for security breaches and suspicious activities, and respond to security incidents in a timely and effective manner.
• Conduct regular security assessments, vulnerability scanning, and penetration testing to identify potential weaknesses.
• Develop and enforce network security policies, procedures, and standards.
• Configure and maintain security devices and software to ensure optimal performance and protection.
• Collaborate with IT operations and engineering teams to integrate security measures into network design and deployment.
• Provide technical expertise and guidance on network security best practices to internal teams.
• Stay up-to-date with the latest security threats, vulnerabilities, and mitigation techniques relevant to the telecommunications industry.
• Participate in incident response activities, including forensic analysis and post-incident reviews.
• Develop and deliver security awareness training to staff as needed.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 5 years of experience in network security engineering, with a focus on telecommunications networks.
• Strong knowledge of TCP/IP, routing protocols (e.g., BGP, OSPF), and network segmentation.
• Hands-on experience with major firewall vendors (e.g., Palo Alto Networks, Cisco, Fortinet) and security technologies.
• Proficiency in using security monitoring and analysis tools (e.g., SIEM, packet capture tools).
• Understanding of common security threats and attack vectors, and experience with mitigation strategies.
• Relevant security certifications such as CISSP, CCNA Security, CCNP Security, or equivalent are highly desirable.
• Excellent problem-solving and analytical skills.
• Strong communication and interpersonal skills, with the ability to work effectively in a team environment.
• Must be able to work effectively on-site in London, England, UK .

Network & Security Engineer
Based: Home-based, within the London area
Type: Full-time
Salary: In the region of £50k
Eligibility : You must be eligible to work in the UK

About the role:  

The purpose of the Network & Security Engineer role is to create and deliver optimum solutions to meet business and client needs through the whole project lifecycle from understanding the project and requirements to transition into BAU support. Hence, this is a pivotal role in the delivery of technological solutions for the business and our customers.  

Network & Security Engineer roles are expected to take on challenging projects, often spanning more than one application and/or technology and as such, this role is very delivery goal focused.   

The further element of the role will be assisting the Technical Management Team in day-to-day network operations and will require emergency availability in the event of service faults.  

The successful candidate will play a large role in operations on a metro London service provider network. A part of this role will also be customer facing; supporting customer networks and infrastructure.   

This is a hands-on, practical role that will require visits to customer sites, DCs and similar, therefore the person recruited into this position will need to be flexible and willing to travel to client sites and other work related locations including DCs, as and when required.   

The ideal candidate will have a wealth of networking experience, preferably with vendor certifications.   

The successful candidate may be required to complete a satisfactory DBS cert.   

Amongst other tasks, you will be responsible for:  

• Provide Technical support at 2nd line level to Academia Customers 

• Work closed with Academia Service Desk Team for networking related escalations 

• Technical resource, responsible for network implementation projects of varying scales 

• Provide innovative solutions to meet business needs 

• Assist with policy, procedure and standards documents based on industry best practices and personal research and experience.  

• Provide support for critical system changes outside of business hours.  

• Assist with data centre management as required. 

Key Skills:  

• The successful candidate will have excellent experience working with enterprise level network & security / telecom services with Juniper and Cisco Meraki.  

• Proven track record of successfully delivering complex technical solutions.  

• Experience of successfully working with outsourced partners.  

• Experience with industry leading network and security products including, Juniper, Cisco, HPE  

• Conceptual knowledge of the following technologies & services: OSPF, BGP, VRF / VRF lite, L2VPN & L3VPNs, Cloud-based delivery, unified communications.  

• Technical design and documentation skillset  

• Experience with WLAN products from Meraki, MIST, Aruba and Ubiquiti 

• Experience installing network firewalls, routers and switches  

• Ability to troubleshoot network issues (TCP/IP) and identifying points of failure, configuring and troubleshooting IPsec VPNs using multiple routers & creating VLANs, configuring managed switches and firewalls.  

• Ability to troubleshoot third party software and liaise vendor support  

• Ability to articulate technical options/issues/designs such that management can make informed decisions.  

• Able to explain technical issues and solutions clearly to any audience 

• Strong critical thinking and analytical skills to assess complex issues and recommend effective solutions.   

Nice to have 

•  CCNP / JNCIS – Professional level certifications   

• Experience working in a Data Centre environment  

Why Academia?

Academia is an innovative and rapidly expanding technology company on a mission to transform IT services for large public and private sector customers. We’re not just a supplier; we’re a trusted partner for thousands of clients.  

Our ethos is simple, if we can provide great technology and make it work, we will empower our customers to optimise their investment in technology. Our customers IT success is our business. Building a strong reputation over 20 years as a top-tier provider of IT solutions and services, the company has sustained double-digit growth, with revenues exceeding £150 million in FY24. We have picked up prestigious industry awards along the way, including the highly prized CRN reseller of the year award.  

Backed by Strive Capital, which has provided strong financial and strategic support since 2020, Academia is well-equipped to continue expanding into new areas. Our dedicated lifecycle division, launched to meet the growing demand for sustainable IT solutions, reinforces our commitment to reducing environmental impact while supporting the full lifecycle of our technology.  

Our culture is built on teamwork, innovation, integrity, ambition, and a commitment to delivering excellent customer service. With ambitious growth plans and a supportive, collaborative environment, Academia is a fantastic place for professionals eager to make an impact. Join us and become part of one of the UK’s most exciting tech success stories.  

Benefits

• Gym membership contribution   

• Health Cash Plan   

• Increased annual leave with length of service   

• Free annual leave on your birthday   

• Length of service bonus   

• Flexible working hours   

• Hybrid working  

• Free Will Writing service   

• Life Insurance   

• And much more!  

• Design, implement, and maintain comprehensive network security infrastructure, including firewalls, IDS/IPS, VPNs, and network access control systems.
• Develop and enforce security policies, standards, and procedures to protect network assets.
• Conduct regular vulnerability assessments and penetration testing to identify and remediate security weaknesses.
• Monitor network traffic for security breaches and anomalies, and respond effectively to security incidents.
• Lead incident response activities, including investigation, containment, eradication, and recovery.
• Collaborate with network operations teams to ensure security best practices are integrated into network design and deployment.
• Evaluate and recommend new security technologies and solutions to enhance the organization's security posture.
• Develop and deliver security awareness training to employees.
• Manage security logging and monitoring systems, ensuring comprehensive audit trails are maintained.
• Stay current with the latest cybersecurity threats, trends, and technologies.
• Provide technical leadership and guidance to junior security engineers.
• Ensure compliance with relevant industry regulations and data privacy laws.
• Participate in disaster recovery and business continuity planning.

• Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 7 years of experience in network security engineering.
• In-depth knowledge of network protocols, security architectures, and cybersecurity principles.
• Hands-on experience with enterprise-grade firewalls (e.g., Palo Alto, Fortinet, Cisco ASA), IDS/IPS, SIEM solutions, and VPN technologies.
• Proficiency in scripting languages (e.g., Python, Bash) for automation of security tasks.
• Strong understanding of cloud security principles (AWS, Azure, GCP).
• Relevant security certifications such as CISSP, CCIE Security, CISM, or GIAC are highly desirable.
• Excellent analytical, problem-solving, and incident response skills.
• Strong communication and leadership abilities.
• Ability to work under pressure and manage multiple priorities in a dynamic environment.
• Experience with intrusion detection/prevention systems and endpoint security solutions.

• Design, implement, and manage network security solutions, including firewalls, VPNs, Intrusion Detection/Prevention Systems (IDPS), and web application firewalls (WAFs).
• Develop and maintain security policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements.
• Conduct regular security assessments, vulnerability scans, and penetration tests to identify and mitigate potential risks.
• Monitor network traffic and security logs for suspicious activity, and respond effectively to security incidents and breaches.
• Develop and implement incident response plans and lead the remediation efforts during security events.
• Collaborate with IT and engineering teams to integrate security best practices into system design and deployment.
• Manage and maintain security hardware and software, ensuring optimal performance and up-to-date configurations.
• Provide expert technical guidance on network security matters to internal teams and stakeholders.
• Stay current with the latest security threats, vulnerabilities, and technologies, recommending and implementing proactive security measures.
• Develop and deliver security awareness training to employees.
• Maintain comprehensive documentation of network security architecture, configurations, and procedures.
• Evaluate and recommend new security technologies and solutions to enhance the overall security posture.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant certifications such as CISSP, CCNP Security, or CEH are highly desirable.
• Minimum of 7 years of experience in network security engineering, with a strong focus on enterprise-level network security.
• In-depth knowledge of TCP/IP, routing protocols, network segmentation, and firewalls (e.g., Palo Alto, Fortinet, Cisco ASA).
• Proven experience with VPN technologies, IDS/IPS, WAFs, and SIEM solutions.
• Hands-on experience with cloud security best practices (AWS, Azure, GCP).
• Strong understanding of common cyber threats, attack vectors, and mitigation strategies.
• Excellent analytical, problem-solving, and diagnostic skills.
• Exceptional communication and interpersonal skills, with the ability to explain complex technical concepts to both technical and non-technical audiences.
• Demonstrated ability to work independently and manage multiple priorities effectively in a remote environment.
• Experience with scripting languages (e.g., Python, Bash) for automation is a plus.

• Design, implement, and maintain advanced network security architectures, including firewalls, VPNs, IDS/IPS, and WAFs.
• Develop and enforce network security policies, standards, and procedures.
• Lead threat hunting initiatives and conduct regular vulnerability assessments and penetration testing.
• Manage and monitor network security infrastructure, ensuring optimal performance and availability.
• Respond to and investigate security incidents, coordinating mitigation and remediation efforts.
• Stay current with the latest security threats, vulnerabilities, and industry best practices.
• Provide technical leadership and mentorship to junior security engineers.
• Collaborate with IT teams to ensure security is integrated into all aspects of network design and operations.
• Develop and deliver security awareness training to staff.
• Contribute to disaster recovery and business continuity planning.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Minimum of 7 years of experience in network security engineering.
• Proven experience in leading security projects and teams.
• Expertise in firewall management (e.g., Palo Alto, Cisco ASA, Fortinet), intrusion detection/prevention systems, and VPN technologies.
• Strong understanding of TCP/IP, routing protocols, and network architecture.
• Experience with SIEM tools (e.g., Splunk, QRadar) and incident response procedures.
• Relevant security certifications such as CISSP, CCNP Security, or GIAC.
• Excellent analytical, problem-solving, and troubleshooting skills.
• Strong communication and interpersonal skills, with the ability to articulate technical concepts to non-technical audiences.
• Experience with cloud security (AWS, Azure, GCP) is a plus.

• Design, implement, and manage advanced network security solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and secure gateways.
• Develop and enforce network security policies, standards, and procedures to ensure the confidentiality, integrity, and availability of the network.
• Monitor network traffic and security alerts, identifying and responding to security incidents in a timely and effective manner.
• Conduct regular vulnerability assessments and penetration testing to identify and remediate security weaknesses.
• Develop and maintain security documentation, including network diagrams, configurations, and incident response plans.
• Lead security incident response activities, coordinating efforts with internal teams and external stakeholders.
• Evaluate and recommend new security technologies and solutions to enhance the organisation's security posture.
• Provide technical guidance and mentorship to junior security engineers and IT staff.
• Collaborate with other IT teams to ensure security is integrated into all network infrastructure projects and initiatives.
• Stay abreast of the latest cyber threats, security trends, and best practices in network security.
• Participate in on-call rotation for incident response and support.

• A Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master's degree preferred.
• A minimum of 7 years of progressive experience in network security engineering, with a strong emphasis on large-scale enterprise or telecommunications networks.
• In-depth knowledge of TCP/IP, routing protocols, network architecture, and security best practices.
• Hands-on experience with leading security technologies from vendors such as Cisco, Palo Alto Networks, Fortinet, Check Point, and Juniper.
• Proficiency in security monitoring tools, SIEM solutions, and packet analysis.
• Relevant security certifications such as CISSP, CCNP Security, or GIAC are highly desirable.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication and interpersonal skills, with the ability to explain complex technical issues to both technical and non-technical audiences.
• Proven experience in leading security projects and mentoring team members.
• Ability to work effectively under pressure in a fast-paced operational environment.

We are the Intelligent Internet Platform.  We connect People, Places  and Things  anywhere, managing Internet Performance  better than anyone else, while providing One Global Experience,  giving Visibility, Control  and Security  through expereoOne.

Expereo believes in the power of Internet connectivity. As the world's largest provider of managed internet, SD-WAN/SASE, and Cloud connectivity solutions, we power enterprises and government sites worldwide, helping to enhance every business' productivity with flexible and optimal Internet performance.

As a trusted partner of Fortune 500 enterprises, our continued aim and success in helping our customers and partners depends solely on the talented individuals who make Expereo a dynamic, effective, multicultural, and equitable environment.

About the role

Reports to: Chief Digital Officer (with quarterly Audit/Risk committee updates)

The Enterprise & Network Security Director (“ENS”) is responsible for developing and implementing a holistic security strategy of the Expereo Enterprise Organization and the Network Products and Services delivered to its customers. This includes corporate IT, cloud application devops, compliance frameworks, and the global network installed base that underpins our services. The ENS Director leads teams across Enterprise IT security, Cloud Security, Network/ISP Security, Compliance, and Security Operations — ensuring resilience, trust, and regulatory alignment across the organization and customer offerings.

This role also involves managing a team of security professionals, collaborating closely with Platform Engineering, Product, IT and Network Ops, HR, and Legal/DPO, as well as senior leadership. Most importantly, while strategic in nature, this role requires a hands-on approach.

Key Responsibilities

• Define and execute the end-to-end security strategy covering Enterprise, Cloud Applications, and Network domains; represent cybersecurity posture to management, regulators, auditors and key customers.
• Lead and mentor cross-functional security teams (Enterprise IT SecOps, Cloud Security, Network Security, Compliance, Identity).
• Oversee global security policies, risk management, and regulatory alignment (ISO27001, SOC2, GDPR, NIS2/DORA, Telecom-specific regulations).
• Ensure security is embedded in product/service lifecycles (Internet access, SD-WAN, SASE, NaaS) and that they are secure by design and meet customer and industry expectations.
• Drive vendor/partner risk management and customer assurance processes.
• Conduct regular risk assessments, vulnerability tests, and threat analysis to identify and mitigate security risks.
• Work with IT teams to ensure security of endpoints, servers, internal infrastructure, and enterprise IT systems.
• Own cloud security posture mgmt, key rotation, least privilege, and baseline hardening for AWS (API Gateway, Cognito, IAM SigV4, EventBridge, etc.).
• Drive strong authentication, device posture, PAM, and customer federation; standardise scopes/claims for external APIs.
• Own security of backbone, edge, peering, and transit/last-mile networks.
• Oversee network defences (DDoS, BGP/RPKI validation, DNS/DNSSEC, etc)

Requirements

• 10+ years of experience in cybersecurity , with proven leadership of multi-domain security functions (Enterprise IT, Cloud, Networks, Compliance).

• Professional certifications (CISSP, CISM, CCSP, CCNP Security, or equivalent).
• Strong communicator with credibility at executive, technical, and regulatory levels; with customer-focused mindset with emphasis on trust, resilience, and service assurance.
• Information Security & Compliance Expertise : Deep knowledge of ISO 27001, SOC 2 Type II, NIS2, and DORA regulations, with experience leading audits and closing compliance gaps.
• Security Architecture & Engineering : Proficiency in secure SDLC practices, application security tooling (SAST/SCA/DAST), cloud security (CSPM/CIEM/CNAPP), and infrastructure hardening.
• Incident Detection & Response : Strong skills in threat detection, SIEM/SOAR, incident response, and achieving low MTTD/MTTR; experience with purple teaming and tabletop exercises.
• Network Security : Understanding of routing security principles (BGP/RPKI), network segmentation and DDoS mitigation,
• Identity Management : Implementing zero-trust / password-less solutions.
• Risk Management & Vendor Security : Ability to assess third-party risk, enforce contract controls, manage remediation, and provide continuous monitoring for key suppliers.
• Strategic yet hands-on leader is a must — able to set vision and oversee day-to-day operations.

Benefits

• Private Healthcare Plan

• Pension Plan
• Life Assurance
• Hybrid working
• 25 days Holiday
• Annual Company Bonus

Beyond the Job

We’re proud of our focus on Environment, Social and Governance  as well as the passion we display for the communities where we live and work.

EEO (Equal Employments Opportunities) Statement:

Expereo is an Equal Opportunities employer who aims to support and celebrate every employee that comes through our doors. We respect and support all of our people regardless of background, religion, nationality, sexual orientation, age, or physical condition.

• Ensure customers are maximizing their return on investment by rapidly implementing and operationalizing Palo Alto Networks SASE solutions to achieve their business and security objectives
• Assist customers in implementing Palo Alto Networks SASE solutions and fully integrate these into their security operations
• Be the first line of defense in proactively addressing customer needs for technical assistance, and coordinating and prioritizing timely resolutions with engineering teams
• Serve as a customer advocate in influencing product roadmap and improvements
• Coach customers on how to establish and manage their Cloud Security Change Management / Governance / Center of Excellence program
• Identify risks to the customer achieving their stated business goals and work with the account team to build a risk mitigation plan or escalate as needed
• Develop a comprehensive understanding of typical business challenges faced by customers and common objectives to appropriately map features and associated business benefits to address their needs
• Be a Go-To customer expert on Palo Alto Networks SASE security solutions and become a Subject Matter expert over time
• Performance metrics include CSAT, Renewal rate, Upsell / Cross-sell lead identification, Reference-ability, Renewal likelihood, Adoption, Consumption, Customer Engagement
  
  

• BS/MS in Computer Science, Electrical Engineering, Computer Engineering or a related technical field or equivalent military experience required
• Minimum 5 years of relevant work experience in post-sales, pre-sales, technical support, consulting or similar roles
• Understanding SASE architecture and value proposition
• In-depth understanding of Networking concepts and experience with multi-vendor networking devices such as routers, switches, firewalls, traffic generators, etc.
• Enterprise-level designing/troubleshooting experience in Routing Protocols (BGP / OSPF / EIGRP)
• Expertise with Remote Access VPN solutions, IPSEC, PKI & SSL, TCP/IP, Authentication Protocols (SAML, SSO, LDAP, RADIUS, etc.)
• Knowledge of Linux (including BASH and Python scripting)
• Proven track record of managing customer escalations, balancing customer expectations and negotiating successful resolutions
• Strong consulting and project management skills
• Ability to clearly articulate technical issues to both technical and non-technical audiences, executives and explain their impact on business both internal and external to the organization
• Ability to multi-task and work in a fast-paced environment