Tech Lead – OT Security

 Tech Lead – OT Security & Network Access Control

Location: 
Poland - Hybrid

Contract:
 
B2B, Full-Time

Join the Future of Digital Tech with Kolomolo

At 
Kolomolo
, we don't just follow trends - we set them. As a global supplier of IT services and digital modernization solutions, we help businesses embrace cutting-edge technology to optimize their operations. Now, we are growing and looking for fresh talent to grow with us.

Are you proactive, tech-savvy, and eager to build your career in IT?
This role could be your perfect fit.

About the Role

We are looking for a 
Tech Lead – OT Security & Network Access Control
 to take ownership of a modern OT security architecture focused on strong identity, segmentation, and zero-trust principles.

This role offers a rare opportunity to design and deploy a Network Access Control (NAC) ecosystem from the ground up, securing thousands to millions of connected devices across operational networks while ensuring uptime and performance. You will act as both a technical authority and a hands-on leader, guiding implementation and shaping long-term strategy.

What You'll Be Doing

Technical Leadership & Architecture

• Own the design and rollout of a tiered trust OT security model based on NAC principles
• Define security zones and access policies for heterogeneous device environments (industrial systems, IoT, third-party equipment)
• Translate high-level security requirements into practical, scalable network designs

NAC & Identity Implementation

• Lead deployment of PacketFence NAC from pilot phases through full production
• Implement certificate-based authentication using 802.1X (EAP-TLS) for trusted devices
• Design and manage PKI workflows, including certificate issuance, renewal, and revocation
• Enable automated device identification and classification for non-certificate-based endpoints

Network & Integration

• Design VLAN and segmentation strategies with dynamic assignment based on device posture
• Integrate NAC with existing network infrastructure using RADIUS
• Work closely with network, platform, and field teams to ensure smooth adoption

Governance & Documentation

• Produce and maintain architecture diagrams, configuration standards, and runbooks
• Support regulatory and compliance efforts, including alignment with EU cybersecurity requirements
• Contribute to security best practices and internal standards

People & Collaboration

• Act as a mentor and technical reference for engineers
• Collaborate across teams including cloud, firmware, operations, and customer delivery
• Provide clear guidance to both technical and non-technical stakeholders

What We Are Looking For

Must-Have

• 5+ years of experience in network security, NAC, or identity and access technologies
• Strong hands-on knowledge of 802.1X, RADIUS, and certificate-based authentication
• Solid understanding of PKI concepts and certificate lifecycle management
• Experience designing network segmentation using VLANs and access policies
• Linux administration skills (Debian/Ubuntu-based systems)
• Scripting and automation skills (Python, Bash)
• Ability to clearly communicate complex technical concepts

Nice-to-Have

• Experience with PacketFence or similar NAC platforms (e.g. Cisco ISE, Aruba ClearPass, FortiNAC)
• Exposure to OT / ICS security standards (IEC 62443, NIST, etc.)
• Experience with MikroTik RouterOS or similar network platforms
• Knowledge of TPMs, hardware-backed identities, or HSMs
• Background in IoT, embedded systems, or industrial environments
• Familiarity with EU Cyber Resilience Act or related regulations

Technology Environment

• NAC:
   PacketFence (open-source)
• Networking:
   MikroTik routers and switches
• Authentication:
   FreeRADIUS, 802.1X (EAP-TLS)
• PKI:
   Step-CA and PacketFence integrated PKI
• Device Profiling:
   Fingerbank
• Monitoring & Logging:
   Integrated with central SIEM/log platforms
• Infrastructure:
   VMware / Proxmox, Debian-based Linux systems

What is in It for You

• Competitive salary and benefits
• Career development opportunities in a growing tech company
• Continuous learning culture: mentorship, internal training, and certifications
• Flexible, agile work environment (remote, hybrid, or on-site in Kraków
• Office perks: great coffee, tea, fresh fruit, snacks, and a fun atmosphere
• Flat management structure, where your voice matters
• Regular team events and a social, supportive work culture
• B2B contract or Contract of Mandate (Umowa Zlecenie)

Why Join Kolomolo?

At 
Kolomolo
, we prioritize innovation, agility, and autonomy. Our teams have the freedom to own their work, share ideas, and make meaningful contributions. Inspired by 
Scandinavian values
, we believe in 
work-life harmony
 and creating an inclusive culture where everyone thrives.

You will be part of a passionate, skilled, and friendly team that works hard and celebrates together. Here, you can build your career on your own terms, with opportunities to grow, learn, and make a real impact.

Our Flat Structure & The Culture of Inclusion

At Kolomolo, we break the corporate mold. We offer:

• Agile Teams & Autonomy
  : No micromanagement. You'll own your projects and enjoy the freedom to innovate.
• Work-Life Harmony
  : Inspired by Scandinavian values, we prioritize balance and flexibility, where remote work and asynchronous collaboration are in our DNA.
• Learning & Growth
  : Continuous learning is at our core. We reward hard work, value smart ideas, and foster an environment of mutual respect and trust.
• Inclusive Culture
  : We believe in DEI: diversity, equity and inclusion. We are committed to creating an environment where every individual, regardless of background, identity, or experience feels valued, respected, and empowered to thrive.

Join Kolomolo and elevate your career with cutting-edge technology, a supportive team, and a company that truly values your input.

Ready for the next step? 
Apply now
 and start an exciting journey of growth and innovation with us