Senior Network Security Engineer(m/w/x)

# Senior Network Security Engineer(m/f/d) **Viernheim, Germany** | **Full time** **Title:** Senior Network Security Engineer(m/f/d) **Location:** Global Role - Mars Petcare Science & Diagnostics Division (Hub Hybrid Viernheim Germany) **Job Type:** Full-Time **Reports To:** Science & Diagnostics Division Director of Cybersecurity **This is a Hybrid role based out of our office in Viernheim Germany.** **Job Summary:** The Senior Network Security Engineer is responsible for designing, implementing and maintaining security controls that protect SDx enterprise network from cyber threats. This role requires extensive (7 years or more) expertise in Palo Alto firewalls, intrusion prevention and detection systems (IDS/IPS), content network delivery, and routing tools, Network Access Control (NAC) equipment, Virtual Private Networks and Secure Remote technologies, as well as developing perimeter-less and/or zero-trust security architectures. As part of the cybersecurity team, you will collaborate with information technology departments such as networking and infrastructure, Research & Development-Product Management, DevOps-Software Development, and other members of the cybersecurity team to ensure a secure and resilient network infrastructure. **Key Responsibilities:** * Design and enforce network security policies and best practices to protect against threats. * Design and implement secure network architectures, including segmentation, micro segmentation, DDoS protection, and zero trust-based policies within the relationships, workflow, and access to resources. * Deploy, configure and manage firewalls, IDS/IPS, Network Access Control-NAC, VPNS, proxy solutions including Palo Alto, Cisco, Zscaler, among other. * Monitor network traffic for anomalies, analyze security logs and respond to network-based threats and intrusions, in coordination with the Mars Incident Response and security teams. * Conducts and coordinate risk assessments, vulnerability scanning, and penetration testing for network security. * Implement and enforce network security policies, access controls and encryption. * Work with the Mars SOC team to assist in investigating security incidents to support forensic investigation and analysis. Further assist with integration of managing Security Incident Event Monitoring-SIEM, Security Orchestration Automation & Response-SOAR, and threat intelligence solutions, among other. * Automate network security tasks using automation tools such as Python, PowerShell, Ansible, among other. * Ensure compliance with security frameworks as well as regulatory requirements for network security including NIST, ISO, PCI, among others. * Optimize security for hybrid and multi-cloud environments including AWS, GCP and Azure, Salesforce, among others. **Qualifications & Experience:** * Bachelors in Cybersecurity, Information Technology, Computer Science, Engineering or related field. Master’s degree is a plus, but not essential. * 7+ years of experience in network security, threat detection, or cybersecurity operations. * Hand-on experience with firewalls (Palo Alto, Cisco, Checkpoint), IDS/IPS, VPNs, as well as network access control solutions (NAC). * Strong knowledge of network protocols and technologies (TCP/IP, BGP, OSPF, VLANs, MPLS, DNS, DHCP, etc.). * Familiarity with Cloud-Native network protection tools. * Experience with SIEM platforms (Splunk, QRadar, etc.) and log analysis. * Understanding of Zero Trust architecture. * At least 7 years of experience with Palo Alto firewalls, managing segmentation & micro-segmentation, VPN, Advanced DNS security, URL filtering, Threat Prevention and network access control solutions. * At least one year managing Cloud NGFW for Azure & AWS, IoT security integrated with Network Access Control solutions, Prisma Access, Global Protect VPN, among other. * Palo Alto Network Security Engineer (PCNSE) certification. *Preferred Qualifications:* * Experience in regulated industries (finance, healthcare, manufacturing, etc.) applying regulatory regulations and/or security frameworks. * Hands -on knowledge of security tools (SIEM, EDR, XDR, IDS/IPS, etc.). * Hands -on knowledge of Content Delivery Network (CDN) and tools such as Cloudflare, Fastly, Azure CDN, Route 53, among other. * Experience in a laboratory setting, veterinary clinics, healthcare or related systems. * Experience communicating complex security concepts effectively (technical, non-technical and executive level audiences). * Relevant certifications such as Certified Ethical Hacker, Cisco Certified CyberOps Associate or CCNP Security are also preferred. **Physical Demands:** • Extensive sitting, phone, and computer use • Extend and reach with hands and arms and use hands and fingers • Occasionally required to bend, kneel, stoop, or crouch • May be required to lift, move, and carry up to 15 lbs. • Specific vision abilities required including close vision, color vision, depth perception, and the ability to adjust focus. • Hearing ability to effectively communicate via the telephone and in person • Ability to communicate verbally on the telephone and in person • Fluency in the English language • Extended hours may be needed **Work Environment:** The employee will primarily work in a typical office environment including use of cubicles, computers and overhead lighting. Temperature extremes will be minimal to nonexistent. The noise level in the work environment is usually moderate. The employee will be required to use a computer, spreadsheets, database management, email, and the Internet. The employee is frequently required to use a calculator; fax, copy machine, and phone system.