Senior Network Security Engineer (OT)

TL;DR

Senior Network Security Engineer (OT): Designing and implementing firewall and NAC technology solutions across IT and OT networks with an accent on segmentation strategies, zero-trust principles, and Purdue Model compliance. Focus on leading policy lifecycle management, securing industrial protocols, and maturing network security posture in manufacturing environments.

Location: UK - Hook. Working across time zones to support global business may be required. Overseas travel might be required.

Company

Global leader in animal health (NYSE: ELAN) dedicated to innovation in products and services for farm animals and pets.

What you will do

• Partner with InfoSec and Network Architecture to define enterprise firewall, NAC, and segmentation architecture across corporate and manufacturing environments.
• Lead design, implementation, and lifecycle management of Palo Alto firewall policies, zone-based segmentation, and security services.
• Design segmentation strategies aligned to Purdue Model in manufacturing networks, balancing cybersecurity, availability, safety, and regulations.
• Own medium- to high-complexity firewall and NAC initiatives from design through operational handover.
• Drive policy lifecycle management, rule optimization, and risk reduction across firewalls and NAC.
• Conduct network security design reviews and provide senior-level technical leadership and mentorship.

Requirements

• 5+ years of network security engineering experience, hands-on with Palo Alto next-generation firewalls.
• Experience with Palo Alto Panorama, Global Protect VPN, and cloud-delivered security services.
• Proven segmentation strategies in enterprise and OT-heavy environments.
• Experience engineering or administering NAC platform (e.g., Forescout CounterACT).
• Understanding of ICS environments and OT protocols (Modbus, EtherNet/IP, PROFINET, OPC/UA, DNP3, BACnet).
• Working knowledge of routing/switching (OSPF, Cisco) and Zero Trust principles.

Nice to have

• Experience with Palo Alto VM-Series in Azure or GCP.
• Work in manufacturing/OT or regulated environments.
• NSPM tools like AlgoSec or Tufin.
• Meraki MX security policy design.
• Relevant certifications (PCNSE, CCNP Security, CISSP).

Culture & Benefits

• Diverse and inclusive work environment fostering innovation and new ways of thinking.
• Opportunity to work with dynamic individuals and acquire new skills.
• Commitment to building a diverse team and encouraging applications from underrecognized groups.