Senior Engineering Manager – Network Security Engineering

Job Description

A.P. Moller – Maersk is the global leader in container shipping services. The business operates in 130 countries and employs c. 90,000 staff. An integrated container logistics company, Maersk aims to connect and simplify its customers’ supply chains. Joining Maersk will embark you on a transformational journey with great opportunities for career development within a global organization. As a Network Security Engineering Manager, you will lead a global engineering team that delivers secure, reliable network security services as internal products - automation-first, measurable, and built to scale across a highly distributed enterprise. You will be exposed to a wide and challenging range of needs and opportunities requiring you to engage closely with stakeholders across all management levels within Maersk as you mature, evolve and operate our portfolio of network security capabilities to become world class.

The Brief

A globally focused shipping and transportation organisation is continuing to drive an ambitious and complex change and transformational programme to deliver a service of excellence for its customers and clients worldwide. The Global CTIO has a mandate from the Maersk board to lead the Technology transformation of Maersk which will enable the Maersk business strategy to become the global integrator of container logistics through digitising the Maersk business processes and customer engagement.

The Technology function is fundamental to enable the company’s transformation and in response to this demand, our in-house technological capability is growing exponentially. We are recruiting world class talent to ensure that the technology services are modernised to enable Maersk to become a logistics integrator leveraging a competitive advantage through technology.

Why this job matters?

The Network Architecture & Engineering function is pivotal to our transformation, responsible for the engineering of network and network security capabilities that provide the digital connectivity backbone for Maersk - connecting people, platforms, assets and value-chain partners.

Reporting to the Director, Network Architecture & Engineering, you will serve as Senior Engineering Manager for Network Security Engineering. You will be accountable for the design, build, and L2/L3 operation of key network security products, run as product-led internal services with clear roadmaps, measurable reliability, and automation-first delivery.

It has a critical role to play as we continue to develop our long-term multi-technology and multi-product network and network security capabilities, connecting our asset, sites and people on land and at sea. Delivering best in class global connectivity and network security services that not only meet the need of our business today but will be a differentiator, enabling our colleagues and partners with technology solutions that are a catalyst for productivity and innovation.

Scope

Network security services protect Maersk environments across core, data center, cloud, and edge locations (offices, warehouses, terminals, data centres, and co-location facilities). Services include:

· Core/Data Center firewall platforms (NGFW) (and related policy governance/operations)

· Secure Web Gateway (SWG)

· Partner/contractor connectivity security controls (VPN, network-side patterns, enforcement requirements, and governance in collaboration with cybersecurity organization)

· AAA / Privileged Network Access (TACACS+/RADIUS) and NAC platform services (incl. policy/identity integrations and governance)

· Out-of-Band (OOB) management for network infrastructure (secure break-glass access and recoverability)

· Branch egress & segmentation governance delivered via the branch connectivity enforcement stack (embedded firewall capability), plus full ownership of any standalone branch NGFW deployments where required

What I'll be doing – your accountabilities?

· Lead a global engineering team delivering network security platforms as internal products, with clear ownership of reliability and operational outcomes.

· Own the product engineering lifecycle for network security services: roadmap execution, modernization, technical debt management, and continuous improvement.

· Establish and operate measurable reliability management: define service indicators and objectives, monitor service health, and drive improvement based on data, incidents, and customer experience.

· Drive automation-first delivery: embed Infrastructure-as-Code and CI/CD practices into network change delivery, with safe deployment patterns (validation, progressive rollout, rollback).

· Partner with the Network Operational Inteliigence teams to adopt golden automation patterns and scale self-service onboarding for engineering teams.

· Collaborate closely with enterprise network architecture to align to standards, patterns, and guardrails while enabling high-speed delivery with minimal friction.

· Define scalable policy governance and guardrails (e.g., segmentation and egress controls) that can be consumed “as-a-service” by other teams - reducing handoffs and enabling fast flow.

· Partner with product ops to ensure services are clearly described in the catalog, cost drivers are transparent, and vendor interfaces support product outcomes.

· Enable integration and standardization of newly acquired environments into Maersk’s standard network security platforms, controls, and operating model.

· Own cost leadership and total cost of ownership (TCO) for Core services - set targets, optimize capacity and carriers, partner with Product Operations and vendors - maintaining SLOs while reducing cost-to-serve.

· Build strong stakeholder relationships across infrastructure and security domains; define crisp interfaces and decision boundaries that reduce handoffs and ambiguity.

· Develop engineering talent, create an inclusive culture, and foster an environment of ownership, learning, and continuous improvement.

The Candidate

To be considered for this opportunity, candidates will have the following core capabilities and technical expertise.

Core Capabilities

· 15+ years of experience in enterprise network security engineering in global, multi-vendor environments, including senior engineering leadership.

· Proven record leading build-and-run services combining engineering, operations, and automation disciplines.

· Detailed network design engineering, integration, optimisation knowledge and expertise across all 7 layers of the OSI stack with the ability to employ in both physical and virtual contexts.

· Strong product-led mindset for internal platforms: clear service contracts, adoption/onboarding focus, and customer outcomes orientation.

· Effective stakeholder leadership across infrastructure and cyber security teams, able to define decision boundaries and scalable interfaces.

· Leadership in design and operations, with a track record of promoting diversity and creating an inclusive working environment.

Technical Expertise

· Deep experience operating NGFW platforms and managing policy lifecycle and governance; familiarity with policy assurance practices/tooling is a plus (Checkpoint, Palo Alto, Fortinet, Cisco or similar).

· Experience integrating with firewall assurance platforms (Firemon, Tufin, or similar).

· Experience running web security gateway services and leading transitions from legacy web security to modern secure access approaches (Bluecoat, Websense, F5, WSS, Zscaler, Prisma or similar).

· Strong expertise in AAA and NAC (TACACS+/RADIUS/NAC) and identity integrations in complex enterprise environments.

· Hands-on proficiency with network automation using Infrastructure-as-Code concepts and modern delivery practices (catalog driven orchestration, automated validation, controlled rollout, CI/CD, Python, NETCONF/RESTCONF/YANG, Ansible/Terraform/Cloud Formation, AIOps).

· Working knowledge of Zero Trust concepts and enterprise migration considerations (ZTNA, NIST 800-207).

· Understanding of hybrid network security patterns across core, cloud, and edge, including segmentation and branch enforcement designs.

· Operational observability and reliability practices: actionable telemetry, monitoring design, incident learning, and service performance reporting.

· Knowledge in traditional network domains such as routing & switching, network content engineering, WAF, NTP/PTP, and DDI.

· Practitioner understanding of cloud networking, cloud network security best practices, NFV, and hybrid WAN/Internet edge designs (cloud/virtual networking, SDN, SD-WAN).

· Ability to operate effectively in a product-led, multi-team model with platform enablement, product operations, and service assurance interfaces.

· CISSP/CISM certification is a plus.

Your Mindset

· Automation-first: eliminate repetitive work through code and self-service.

· Operational excellence: reliability, observability, and recovery speed are design principles, not afterthoughts.

· Continuous improvement: use incidents, data, and feedback loops to improve services sustainably.

· Customer-focused: build secure services that reduce friction and enable productivity.

· Collaborative and transparent: enable fast flow by creating clear interfaces and minimizing handoffs.

· Growth-oriented Leader: develop people, not just products, creating a culture of curiosity and ownership.

The Impact You’ll Make

Within 12–18 months, your leadership will help to:

· Deliver globally consistent network security services with clear ownership and measurable performance.

· Embed automation and observability across network security platforms to reduce manual work and improve reliability.

· Simplify and standardize firewall, SWG, partner access patterns, AAA/NAC, and OOB operations through self-service and safe delivery practices.

· Improve the reliability, resilience, and security posture of the global network.

· Position Network Architecture and Engineering as a trusted enabler of secure, seamless business connectivity – not just an infrastructure provider.

Why Join?

You will join a global team modernizing how infrastructure services are designed, delivered, and operated - moving to a product-led model that emphasizes customer outcomes, reliability, automation, and scalable platform interfaces.

#LI-SS1

#LI-POST

Maersk is committed to a diverse and inclusive workplace, and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race, colour, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, pregnancy or parental leave, veteran status, gender identity, genetic information, or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website, apply for a position, or to perform a job, please contact us by emailing accommodationrequests@maersk.com.