Role: Security Architect-
Rate: inside IR35
Location: Hybrid 2 days a week onsite in Warwick
Duration: 6 months
Job Description: Client requires 4 solution architects to support a cyber programme for around 6 to 8 months, The projects are to be deployed in the OT space but will be developed using modern deployment tooling present in IT systems. Knowledge of modern IT tools is essential and so is understanding the requirements of the environments being modified.
Further detail on each project taking client jargon away (but keeping the IT lingo that could help someone understand what we are trying to do):
* OT Remote Backups:
o Build and deployment of multiple hosts across the country using Red Hat.
o Deployment will leverage tools such as Kickstart and Ansible for automation and Satellite for updates.
o File sync solution to orchestrate recovery files across multiple locations and enable processing at central location.
* OT Data Insights Platform:
o Data collection and forwarding to surface data from substations using protocols such as MQTT and OPC.
* OT Paw Refresh:
o Centrally managed Privilege access workstation using Microsoft tooling (e.g., Azure, Intune).
o Virtual machines to contain applications used to manage the assets.
* P&C Hardened Compute Platform:
o Build and deployment of hosts using Red Hat + KVM. Deployment will leverage tools such as Kickstart and Ansible for automation and Satellite for updates.
o Virtual machines to contain applications used perform operation activities.
* OT Services Network Enhancements:
o Creation of a Network Management Centre.
o Asset management solution.
o Evaluate network improvements to enhance security and resilience.
Program overview:
* Workplace
* OT PAW delivered semi rugged transient, integrating with substations. March 2026 lifecycle coming to an end, they would like to know how to refresh the tech, achieve CAF enhanced and develop the machine
a. 560 laptops in scope
b. Not enterprise standards
c. Specific platform to use
d. Azure intune leveraged
e. Build on existing design/requirements
* OT remote backup
a. In the substation environment
b. Substation control environment is configured and moving smoothly - settings and set up is ok
c. They need to protect the asset
d. Take a backup and keep within a secure drive in the substation
e. Risk is damage, loss, stolen or fire so they don't have a working copy to restore the system / asset
f. Need to build resilience - find a location to upload the site backup in the the server
g. Cant be put into a hybrid cloud, need to be in a grid datcentre
h. Machine on substation, use own private network, own servers in the DC and data storage
i. Capability to manage the host on linux, linux KVM.
j. Have a server, deploy, buy hard ware and deploy onto the data store
k. 261 sub stations,
l. 2 DC's, 2 data stores
m. OT facing - windows PC, no key board, no KVM tool
n. App compresses the data, uloads into the data store, captures the info
o. When needed to restore, pings app, build in same machine
p. Not automated form the system, manual process - back up from SES, file safe, engineering host and kept in separate system - adhoc and manual only
q. No frequency, adhoc
* OT Data Insights Platform:
a. Air gapped
b. 2nd machine is the data insights platform
c. Same data store as remote backup
d. Strong data architecture and solution architecture
e. Primarily a data architect
f. Structure, definition, hosted, aggregated
* Hardening and compute platform
a. Different types of machines in diff substations
b. Running a proof of concept with single type of hardware
c. Virtualised environment
d. Different vendors
e. E.g.: Hitachi, GE and siemens
f. Own proprietary software and systems
g. They are changing hardware to single, virtualising, software will be different
h. Data insights platform sits on the new HMI
* OT Services Network Enhancements:
a. Their private network, tunnelling through NGs own network
b. Building some capabilities
LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
