Engineering Manager

Scope

The network security infrastructure safeguards all Maersk data networks across Core, Cloud, and Edge environments - including offices, warehouses, terminals, data centres, and co-location facilities. Protection is delivered through a comprehensive suite of network security products and services that both secure and enable these environments, including but not limited to:

• Next-Generation Firewalls (NGFW) and Intrusion Detection/Prevention Systems (IDS/IPS)
• Secure Web Gateway (SWG)
• Zero Trust Network Access (ZTNA) and Secure Service Edge (SSE) solutions
• Virtual Private Network (VPN) and SD-WAN edge security controls
• Secure partner and contractor access
• AAA infrastructure (RADIUS, TACACS+, NAC)

Specific Job Requirements

Lead the design, development, global delivery, and operations of secure, reliable, and automated network security products and services across our enterprise network that meet current and future business needs. The position involves collaborating across technical, security, and business teams to gather requirements, assess impacts, and agree on performance and customer experience standards. Key responsibilities include:

• Define and execute network security product roadmap, aligned with enterprise network strategy and zero-trust architecture.
• Own the design build, and run of network security products and services.
• Drive an automation-first operating model, using infrastructure-as-code, APIs, CI/CD pipelines, and self-service to eliminate manual work.
• Establish clear SLAs, SLOs, and service catalogsfor network security offerings.
• Partner closely with Cyber Security teams to align policy and enforcement.
• Lead major lifecycle initiatives: VPN exit strategy, firewall policy standardization and modernization, on-premise SWG and SSE consolidation, and AAA automation.
• Lead agile engineering team to deliver prioritized features aligned with business demand, industry trends, and defect resolution.
• Manage incident response and problem management for network security domain, ensuring operational excellence and continuous improvement.
• Influence product/application design, infrastructure standards, and non-functional requirements.
• Act as a technical stakeholder and solution owner, maintaining strong coordination between architecture, engineering, and operations teams.
• Lead, mentor, and grow a global engineering team focused on innovation, quality, and accountability.

What I'll be doing your accountabilities?

• Network Security Engineering Design, engineering and operations of global network security infrastructure balancing the adoption of next generation technologies with mature solutions across Cloud, Edge, and Datacentres:
• Lead engineering teams that ensuresnetwork security product requirements are delivered to time, cost and quality. Ensure that products and capabilities are compliant with Maersk technology architecture standards and security policies, and easily consumed
• As-a-Service by other TSE products and the business.
• Drive and operate resilient services with measurable business uptime and performance.
• Maintain compliance with security policies, audits, and regulatory frameworks (e.g. Zero-Trust NIST 800-207).
• Build internal, external, and third-party supplier relationships to ensure full commitment and support in execution of the product architecture into operational designs.
• Provide subject matter expertiseto delivery and L1 operational teams to guide deployment and in-life troubleshooting of converged networking and perimeter services.
• Establish andcontinuously improve operations processesto drive efficiency, lower operational costs, implement governance and controls to manage error budgets and consumption, and report on KPIs.
• Publish and maintain a service catalog for Network Security, withdocumented SLIs, SLOs, SLAsand ownership.
• Achieve 40%+ reduction in manual operations throughautomation and self-servicecapabilities.
• Reduce incident MTTR by 30% throughproactive monitoring and AIOpsintegration.
• Plan and coordinate maintenance, while enfocing global consistency with secure configuration baselines and implementing proactive vulnerability management practices.
• Build a culture of learning, transparency, and excellence within the network security team.

The Candidate

To be considered for this opportunity, candidates will have the following core capabilities and technical expertise.

Core Capabilities

• A demonstrable track record operating as an Engineering Manger with 10+ years experience in network security design and enterprise cloud technology adoption in multi-vendor and or multi-MSP production environments in a globally focused business.
• Lead Engineer level credibility with hands-on experience within a systems integrator, enterprise with global footprint, network technology vendor or multi-national Corporations.
• Strong leadership inproduct engineering, combining design, operations, and automationdisciplines.
• Strategic thinker who translates business needs into secure, scalable technical solutions.
• Self-starter, with astrong drive for results, taking accountability for significantly improved outcomes.
• You have a low ego attitude - willing to shift from high-level critical thinking, to rolling up your sleeves and supporting implementation.
• Skilled communicatorwho can lead globally distributed teams and influence stakeholders.
• Leadership in design and operations, with a track record of promotingdiversity and creating an inclusive working environment.

Technical Expertise

• Demonstrated expertise in comprehensive network development, integration, and optimisation, as well as adherence to standards across Layers 1 through 7 of the OSI model, with proficiency in applying these skills within both physical and virtual environments.

• Deep experience with SSE platforms(Zscaler, Prisma Access, Netscope, etc.)
• Expertise in AAA infrastructure(RADIUS, TACACS+, NAC) and identity integrations.
• Proven track record with next-gen firewalls(Checkpoint, Firepower, Palo Alto, Fortinet, or equivalent).
• Hands-on proficiency with automation frameworks Terraform, Ansible, Python, CloudFormation/ARM templates, REST APIs, CI/CD pipelines.
• Understanding of Zero Trust architectures(NIST 800-207), macro/micro segmentation, and secure network access patterns.
• Experience integrating with firewall assuranceplatforms (Firemon, Tufin, or similar).
• Knowledge in traditional network domains such as Routing & Switching, Load Balancers, Web Proxies, WAF, NTP/PTP and DDI.
• Practitioner understanding of cloud networking, cloud network security best practices, NFV, and hybrid WAN/Internet edgedesigns (incl SD-WAN).

Your Mindset

• Automation-First: You eliminate repetitive work through code, not tickets.
• Operational Excellence: You view reliability, observability, and speed of recovery as core design principles.
• Continuous Improvement: Every incident, review, or change drives learning and refinment.
• Customer-Focused:You think in terms of user experience frictionless, secure services that enable productivity.
• Collaborative and Transparent: You partner openly with Cyber, Cloud, End-User and other infrastructure teams to deliver shared outcomes.
• Growth-Oriented Leader: You develop people, not just products, creating a culture of curiosity and ownership.

The Impact Youll Make

Within 18 months, your leadership will:

• Deliver globally consistent network security products and services, serving all global Maersk locations.
• Embed automation and observabilityinto every network security service.
• Simplify and standardizefirewall, SSE, partner access, and AAA operationsl through self-service and APIs.
• Improve the reliability, resilience, and security posture of the global network.
• Position Network Architecture and Engineering as a trusted enabler of secure, seamless business connectivity not just an infrastructure provider.