Responsibilities:
1. Work with the Network Architectto design, develop and maintain the enterprise security architecture.
2. Ensure that all projectshave an Operations hand over plan, including creating and maintainingappropriate documentationand knowledge articles to ensure our solutions are easily understood and well recorded, in accordance with regulatory standards.
3. Overseefirewall and NAC security projects within the organization.
4. Be the ultimate escalation point for issues in Operations.
5. Help provide technical direction, consultancy, and mentorship to junior engineers,the network security team, and infrastructure operations teams.
6. Focus on the creation and execution of medium to high complexity firewall tasks.
7. Drivemedium to high complexity NAC engineering projects.
8. Work with InfoSec and TechOps teams to improve the execution of network security design reviews by the operational team.
9. Interact with Operations support teams as part of the technology lifecycle and report back on operational challenges.
10. Provide business IT consultancy toensureservices are secured by design.
11. Deliver network security engineering projectsper agreed policies, processes, and procedures.
12. Ongoing policy review and adjustment to maintain and develop our security posture.
13. Proactively research emerging technologies, approaches, and the overall threat landscape to enhance Elanco’s network security posture.
14. Set and ensure the delivered solution meets technical, architectural, and application principles andcomplieswith our IT Security, Privacy, and Quality needs.
15. Actively building and staying abreast of emerging technologies, guiding teams on how to interpret and best leverage the emerging technologies.
16. Engaging in the community (internally and externally) across multiple channels, looking to share, educate, and inspire.
What You Need to Succeed (minimum qualifications):
17. Education: Bachelor’s Degree or commensurate industry experience
18. At least 5 years’ experience in network security engineering and design, including hands-on experience with next-generation firewalls, which must include Palo Alto Networks.
19. Experience in designing, building, and documenting technical solutions.
20. Experience with implementing and maturing network security controls and procedures.
21. Experience with routing protocols (OSPF), Cisco switching, Palo Alto Global Protect VPN.
22. Experience maintaining Palo Alto Panorama, Logger, licensing, and other Palo Alto Cloud solutions.
23. Understanding of the principles of a Network Access Control system.
24. Familiar with Zero Trust Network and Zero Trust Edge adoption.
25. Understanding of modern security architectures,, micro-segmentation, application identity, and distributed firewalls.
26. Strong communication skills with multiple examples of being able to convey complex ideas in a manner that resulted in a definitive direction and result
27. Strong personal & work organisational skills, including documentation such as diagramming, creation/modification of high and low-level designs, knowledge base articles, etc.
28. Ability to analyse rulesets and identify opportunities for enhancement through rule consolidation, audit, etc.
29. Typical Utilization Profile:
30. 25% Focus on high complexity changes: lab, pilot, execution in production environments, and handover to operations
31. 25% Roadmap, vision, and expansion of firewall service line/offering
32. 25% Roadmap, vision, and expansion of our NAC service line/offering
33. 25% Team guidance, mentorship, and documentation maintenance
What will give you a competitive edge (preferred qualifications):
34. Familiar with scripting and automation
35. Experience with public cloud platforms (Azure or GCP), including integration of Palo Alto VM series firewalls into cloud networks
36. Experience with OT, manufacturing, or other regulated environments
37. Experience with common OT systems and protocols
38. Experience with ForescoutCounterACT NAC or other enterprise NAC solutions
39. Experience with Meraki MX Series Security Policy
40. Experience working with vendors and MSPs
41. Strong passion for new technologies, new ideas, and creative ways of thinking
42. Agile exposure and experience
43. Palo Alto, Cisco CCNP-Security, CISSP, or other security certification
Additional Information:
44. Travel: 0-10%
45. Location: Hook, UK - Hybrid Work Environment