Tech Lead – OT Security & Network Access Control

<h4>🚀&nbsp;Tech Lead – OT Security &amp; Network Access Control</h4><p><strong>Location:&nbsp;</strong>Poland - Hybrid<br><strong>Contract:</strong> B2B, Full-Time</p><p><strong>Join the Future of Digital Tech with Kolomolo</strong></p><p>At <strong>Kolomolo</strong>, we don’t just follow trends -&nbsp;we set them. As a global supplier of IT services and digital modernization solutions, we help businesses embrace cutting-edge technology to optimize their operations. Now, we are growing and looking for fresh talent to grow with us.</p><p><em>Are you proactive, tech-savvy, and eager to build your career in IT? </em><strong><em>This role could be your perfect fit.</em></strong></p><h4><strong>About the Role</strong></h4><p>We are looking for a <strong>Tech Lead – OT Security &amp; Network Access Control</strong> to take ownership of a modern OT security architecture focused on strong identity, segmentation, and zero-trust principles.</p><p>This role offers a rare opportunity to design and deploy a Network Access Control (NAC) ecosystem from the ground up, securing thousands to millions of connected devices across operational networks while ensuring uptime and performance. You will act as both a technical authority and a hands-on leader, guiding implementation and shaping long-term strategy.</p><h5>What You’ll Be Doing</h5><p><strong>Technical Leadership &amp; Architecture</strong></p><ul><li><p>Own the design and rollout of a tiered trust OT security model based on NAC principles.</p></li><li><p>Define security zones and access policies for heterogeneous device environments (industrial systems, IoT, third-party equipment).</p></li><li><p>Translate high-level security requirements into practical, scalable network designs.</p></li></ul><p><strong>NAC &amp; Identity Implementation</strong></p><ul><li><p>Lead deployment of PacketFence NAC from pilot phases through full production.</p></li><li><p>Implement certificate-based authentication using 802.1X (EAP-TLS) for trusted devices.</p></li><li><p>Design and manage PKI workflows, including certificate issuance, renewal, and revocation.</p></li><li><p>Enable automated device identification and classification for non-certificate-based endpoints.</p></li></ul><p><strong>Network &amp; Integration</strong></p><ul><li><p>Design VLAN and segmentation strategies with dynamic assignment based on device posture.</p></li><li><p>Integrate NAC with existing network infrastructure using RADIUS.</p></li><li><p>Work closely with network, platform, and field teams to ensure smooth adoption.</p></li></ul><p><strong>Governance &amp; Documentation</strong></p><ul><li><p>Produce and maintain architecture diagrams, configuration standards, and runbooks.</p></li><li><p>Support regulatory and compliance efforts, including alignment with EU cybersecurity requirements.</p></li><li><p>Contribute to security best practices and internal standards.</p></li></ul><p><strong>People &amp; Collaboration</strong></p><ul><li><p>Act as a mentor and technical reference for engineers.</p></li><li><p>Collaborate across teams including cloud, firmware, operations, and customer delivery.</p></li><li><p>Provide clear guidance to both technical and non-technical stakeholders.</p></li></ul><h5>What We Are Looking For</h5><p><strong>Must-Have</strong></p><ul><li><p>5+ years of experience in network security, NAC, or identity and access technologies.</p></li><li><p>Strong hands-on knowledge of 802.1X, RADIUS, and certificate-based authentication.</p></li><li><p>Solid understanding of PKI concepts and certificate lifecycle management.</p></li><li><p>Experience designing network segmentation using VLANs and access policies.</p></li><li><p>Linux administration skills (Debian/Ubuntu-based systems).</p></li><li><p>Scripting and automation skills (Python, Bash).</p></li><li><p>Ability to clearly communicate complex technical concepts.</p></li></ul><p><strong>Nice-to-Have</strong></p><ul><li><p>Experience with PacketFence or similar NAC platforms (e.g. Cisco ISE, Aruba ClearPass, FortiNAC)</p></li><li><p>Exposure to OT / ICS security standards (IEC 62443, NIST, etc.).</p></li><li><p>Experience with MikroTik RouterOS or similar network platforms.</p></li><li><p>Knowledge of TPMs, hardware-backed identities, or HSMs.</p></li><li><p>Background in IoT, embedded systems, or industrial environments.</p></li><li><p>Familiarity with EU Cyber Resilience Act or related regulations.</p></li></ul><h5>Technology Environment</h5><ul><li><p><strong>NAC:</strong> PacketFence (open-source).</p></li><li><p><strong>Networking:</strong> MikroTik routers and switches.</p></li><li><p><strong>Authentication:</strong> FreeRADIUS, 802.1X (EAP-TLS).</p></li><li><p><strong>PKI:</strong> Step-CA and PacketFence integrated PKI.</p></li><li><p><strong>Device Profiling:</strong> Fingerbank.</p></li><li><p><strong>Monitoring &amp; Logging:</strong> Integrated with central SIEM/log platforms.</p></li><li><p><strong>Infrastructure:</strong> VMware / Proxmox, Debian-based Linux systems.</p></li></ul><h5><strong>What is in It for You</strong></h5><ul><li><p>&nbsp;Competitive salary and benefits.</p></li></ul><ul><li><p>&nbsp;Career development opportunities in a growing tech company.</p></li></ul><ul><li><p>&nbsp;Continuous learning culture: mentorship, internal training, and certifications.</p></li></ul><ul><li><p>&nbsp;Flexible, agile work environment (remote, hybrid, or on-site in Kraków.</p></li></ul><ul><li><p>&nbsp;Office perks: great coffee, tea, fresh fruit, snacks, and a fun atmosphere.</p></li></ul><ul><li><p>&nbsp;Flat management structure, where your voice matters.</p></li></ul><ul><li><p>&nbsp;Regular team events and a social, supportive work culture.</p></li></ul><ul><li><p>&nbsp;B2B contract or Contract of Mandate (Umowa Zlecenie).</p></li></ul><h5>🌟 <strong>Why Join Kolomolo?</strong></h5><p>At <strong>Kolomolo</strong>, we prioritize innovation, agility, and autonomy. Our teams have the freedom to own their work, share ideas, and make meaningful contributions. Inspired by <strong>Scandinavian values</strong>, we believe in <strong>work-life harmony</strong> and creating an inclusive culture where everyone thrives.</p><p>You will be part of a passionate, skilled, and friendly team that works hard and celebrates together. Here, you can build your career on your own terms, with opportunities to grow, learn, and make a real impact.</p><h5><strong>Our Flat Structure &amp; The Culture of Inclusion&nbsp;</strong></h5><p>At Kolomolo, we break the corporate mold. We offer:</p><ul><li><p><strong>Agile Teams &amp; Autonomy</strong>: No micromanagement. You’ll own your projects and enjoy the freedom to innovate.</p></li><li><p><strong>Work-Life Harmony</strong>: Inspired by Scandinavian values, we prioritize balance and flexibility, where&nbsp;remote work and asynchronous collaboration are in our DNA.</p></li><li><p><strong>Learning &amp; Growth</strong>: Continuous learning is at our core. We reward hard work, value smart ideas, and foster an environment of mutual respect and trust.</p></li><li><p><strong>Inclusive Culture</strong>: We believe in DEI: diversity, equity and inclusion.&nbsp;We are committed to creating an environment where every individual, regardless of background, identity, or experience feels valued, respected, and empowered to thrive.</p></li></ul><p>Join Kolomolo and elevate your career with cutting-edge technology, a supportive team, and a company that truly values your input.</p><p>Ready for the next step? <strong>Apply now</strong> <strong>at</strong> <a target="_blank" href="https://jobs.kolomolo.com/jobs/6928250-tech-lead-ot-security-network-access-control">https://jobs.kolomolo.com/jobs/6928250-tech-lead-ot-security-network-access-control</a> and start an exciting journey of growth and innovation with us!</p><p><br></p><p><br></p>