Network Security Engineer

We are seeking a highly skilled and experienced Network Security Engineer to join our dynamic Operational Technology (OT) Infrastructure team at Thames Water.

As a Network Security Engineer, you will play a critical role in ensuring the reliability, availability, and security of our network infrastructure across both IT and OT environments. This position requires strong expertise in network security technologies, routing protocols, and firewall administration, along with a deep understanding of service delivery within a complex enterprise setting. You will work closely with key stakeholders, third-party suppliers, and internal teams to support BAU operations, contribute to the security strategy, and drive continual service improvement.

What you’ll do as a Network Security Engineer

Network Security & System Reliability:

• Act as SME for Network Security, delivering technical guidance across Digital and Operational teams.
• Maintain and support all IT and OT Network Security assets, systems, and appliances to ensure 99.98% availability.
• Deliver updates and upgrades to network components, including Switches, Routers, Firewalls and network security applications in line with defined schedules.
• Ensure continuity of service and system performance through effective configuration management, firmware maintenance, and standards compliance.

Technical Development & Cyber Risk Mitigation:

• Provide technical input to the development and maintenance of network security strategies, policies, and procedures.
• Contribute to high- and low-level network security design documentation to support delivery across all environments.
• Identify and escalate cyber and operational risks to ensure the integrity and resilience of the network.
• Manage security appliances and platforms such as Fortinet, CheckPoint, Cisco Security, Ivanti Secure, NAC and PAM with technologies such as VPN, IPSec, and deep packet inspection.

Infrastructure Management & Operational Assurance:

• Administer routing protocols (OSPF, RIP, BGP, MPLS, NAT) and switching technologies (STP, MRP, VLAN, ARP) in line with architecture standards.
• Oversee the delivery and effectiveness of key security technologies, including DNS filtering, Proxy services, NAC, IDS, VPN, and SASE.
• Support internal and external TLS certificate management, public certificate compliance, and machine-to-machine VPN configurations.

Stakeholder Engagement & Service Delivery:

• Engage with Network Managers, Security Leaders, Architects, and Delivery teams to align services with business outcomes.
• Act as a subject matter expert during incident and problem management activities, supporting bridge calls and root cause analysis.
• Ensure all services meet defined SLAs and operational KPIs, maintaining accurate configuration and licensing records.

Audit, Compliance & Service Management:

• Audit and manage all network security systems, licenses, and equipment to ensure compliance and reduce operational risk.
• Collaborate with Service Management to support BAU delivery, capacity and availability planning, and risk mitigation.
• Drive continual service improvement through reporting, stakeholder feedback, and the identification of improvement opportunities.

Collaboration & Knowledge Sharing:

• Work closely with strategic suppliers and internal teams to ensure consistent delivery and effective risk governance.
• Support knowledge sharing and change initiatives, promoting security awareness and operational excellence.

Base location– Hybrid – Clearwater Court, Reading.
Working pattern– 36 hours, Monday to Friday.

What you should bring to the role:

• Experience in both IT and OT network security environments.
• Security Clearance (SC) or the ability to obtain it.
• Strong stakeholder management and supplier engagement experience in a complex enterprise environment.
• Advanced knowledge and hands-on experience with Layer 2/3 technologies (VLAN, OSPF, BGP, RSTP, MRP) and vendors (Cisco, Fortinet, CheckPoint).
• Proficiency with core network security technologies, including SD-WAN, IPSEC, Cisco ISE, and cloud security services.
• Demonstrable problem-solving skills, with the ability to balance commercial, operational, and customer-focused outcomes.
• Strong communication and interpersonal skills to effectively engage with technical and non-technical stakeholders.
• Familiarity with service delivery frameworks such as ITIL, and experience working in both agile and waterfall delivery environments.

Desirable qualifications and experience:

• Cisco certifications: CCNP, CCNA (minimum), and CheckPoint CCSE/CCSA.
• Experience with security technology vendors, including Meraki, Belden, and Fortinet.
• Previous experience in the utilities industry or within a large-scale enterprise (20,000+ devices).
• Understanding of strategic supplier management, business case development, and stakeholder analysis.
• Knowledge of cloud platforms such as Azure or AWS.

What’s in it for you?

• Competitive salary up to £64,000per annum, depending on experience
• Annual Leave - 26 days holidayper year, increasing to 30 with the length of service (plus bank holidays)
• Generous Pension Schemethrough AON
• Access to lots of benefits to help you take care of you and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers and life assurance.

Who are we?
We’re the UK’s largest water and wastewater company, with more than 16 million customers relying on us every day to supply water for their taps and toilets. We want to build a better future for all, helping our customers, communities, people and the planet to thrive. It’s a big job and we’ve got a long way to go, so we need help from passionate and skilled people, committed to making a difference and getting us to where we want to be in the years and decades to come.

Learn more about ourpurpose and values

Working at Thames Water
Thames Water is a unique, rewarding and diverse place to work, where every day you can make a difference, yet no day is the same. As part of our family, you’ll enjoy fast-tracked career opportunities, flexible working arrangements and excellent benefits.

Whether you’re interested in a role in one of our call centres or science labs, we’re looking for people like you with real passion and a burning desire to make things better.

So, if you’re looking for a sustainable and successful career where you can make a daily difference to millions of people’s lives while helping to protect the world of water for future generations, we’ll be here to support you every step of the way. Together, we can build a better future for our customers, our region and our planet.

Real purpose, real support, real opportunities. Come and join the Thames Water family. Why choose us? Learn more.

Our overarching aim is to ensure that Thames Water is great, diverse and inclusive place to work. We welcome applications from everyone and offer extra support for those who need it throughout the recruitment process. Our aim is to remove any real or perceived barriers to success, so if you need assistance, we’re here to help and support.

When a crisis happens, we all rally around to support our customers. As part of Team Thames, you’ll have the opportunity to sign up to support our customers on the frontline as an ambassador. Full training will be given for what is undoubtedly an incredibly rewarding experience. It’s also a great opportunity to learn more about our business, meet colleagues and earn some extra money along the way.

Disclaimer: due to the high volume of applications we receive, we may close the advert earlier than the advertised date, so we encourage you to apply as soon as possible to avoid disappointment.