Skills

Network Security Networking Gap Analysis Azure

Job Specifications

Contract Network Security Engineer (NAC Specialist) Location: City of London (3–4 days per week on-site)
Contract Length: Initial 3 months
Rate: £500–£600 per day (Inside IR35)

We are working with a leading global IT services provider on a contract engagement supporting a large, highly regulated financial services organisation in the City of London. The engagement focuses on a Network Access Control (NAC) policy cleanup and remediation programme, aligning access controls to least privilege, zero trust, and vendor best practices.
This role requires a senior, hands-on Network Security Engineer with deep NAC expertise who can operate confidently across security engineering and network operations teams.
Key Responsibilities
Review and remediate existing NAC exception policies to ensure alignment with organisational standards and vendor best practices
Identify and remove overly permissive or misaligned access exceptions, including inappropriate MAC-based policies
Enforce deny-by-default, allow-list access models using identity, device type, and posture
Implement and refine device profiling and posture validation rules
Improve role-based access control and dynamic policy enforcement (e.g. VLAN assignment)
Perform gap analysis against NAC vendor best practices
Collaborate closely with Security Engineering and Network Operations teams during remediation
Ensure changes follow formal change control processes
Produce clear documentation including:

NAC exception audit reports (pre- and post-remediation)
Updated access control matrices
Final remediation and validation summaries
Executive-level summaries for stakeholders
Required Skills & Experience
Strong hands-on experience with enterprise Network Access Control (NAC) solutions, such as:

Cisco ISE
Aruba ClearPass
Forescout
FortiNAC
Deep knowledge of:

802.1X, RADIUS / TACACS+
Device profiling and posture assessment
Identity-based access control (user + device)
Least privilege and Zero Trust principles
Experience remediating NAC environments with large numbers of legacy or overly permissive exceptions
Strong enterprise networking background (switching, VLANs, campus networks)
Ability to work effectively in regulated, security-conscious environments
Comfortable producing technical documentation and engaging with senior stakeholders
Desirable Experience
Financial services or other highly regulated industries
Certificate-based authentication / PKI
Integration with directory services (e.g. AD / Azure AD)
Logging, alerting, and SIEM integration
Previous NAC redesign or cleanup engagements
Working Arrangements
3–4 days per week on-site in the City of London
Initial 3-month contract with potential extension
£500–£600 per day, Inside IR35

About the Company

Global Technology Recruitment Specialists. We source and select top talent across all technology sectors globally. Founded in 2003, our vertical specialists provide global transformational talent in data, AI & machine learning, product, software, cloud and cyber. As part of the Xcede Group, we work with businesses, from pioneering start-ups to global brands, to find project-based or permanent talent that enables innovation in line with their vision and goals. Know more