Network and Security Architect - SASE (Secure Access Service Edge)
Network and Security Architect - SASE (Secure Access Service Edge)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
We are seeking a highly skilled and experienced Network and Security Architect with a deep specialization in Zero Trust Network Access (ZTNA) architecture deployment and the delivery of comprehensive Secure Access Service Edge (SASE) solutions. This critical role will be instrumental in transforming Boschs network and security posture driving the adoption of modern cloud-native security frameworks and enabling secure seamless access for our global workforce and partners.
The successful candidate will be a visionary leader with a strong technical background capable of translating strategic security objectives into practical scalable and resilient architectural designs. You will play a pivotal role in shaping Boschs future security landscape working collaboratively with various IT and business units to ensure our security infrastructure aligns with our global innovation goals.
Key Responsibilities:
- ZTNA & SASE Architecture Leadership:
- Lead the design development and evolution of Boschs global ZTNA and SASE architecture ensuring alignment with industry best practices regulatory requirements and Boschs security policies.
- Define architectural patterns standards and blueprints for ZTNA and SASE components including Secure Web Gateway (SWG) Cloud Access Security Broker (CASB) Firewall-as-a-Service (FWaaS) Zero Trust Network Access (ZTNA) Data Loss Prevention (DLP) and advanced threat protection.
- Evaluate and recommend new technologies vendors and solutions within the ZTNA/SASE ecosystem to enhance Boschs security capabilities and optimize performance.
- Develop and maintain the architectural roadmap for ZTNA and SASE forecasting future needs and anticipating technological shifts.
- Deployment and Integration:
- Oversee the end-to-end deployment of ZTNA and SASE solutions including planning design implementation testing and go-live.
- Collaborate with network engineering security operations application development and business units to ensure seamless integration of ZTNA/SASE with existing IT infrastructure and applications.
- Define integration strategies for identity providers (e.g. Azure AD) endpoint security solutions and other security tools.
- Provide expert guidance and technical leadership to implementation teams and external vendors.
- Security Policy and Governance:
- Translate high-level security requirements into detailed ZTNA and SASE policies rules and configurations.
- Develop and enforce security standards and guidelines for secure access data protection and threat prevention within the SASE framework.
- Contribute to the continuous improvement of Boschs overall security posture by identifying gaps and recommending proactive measures.
- Ensure compliance with relevant data privacy regulations (e.g. GDPR) and industry standards.
- Performance and Optimization:
- Monitor and analyze the performance of ZTNA and SASE solutions identifying bottlenecks and proposing optimization strategies.
- Develop and implement strategies for traffic steering policy enforcement and user experience optimization.
- Conduct regular security audits and assessments of the ZTNA/SASE infrastructure.
- Collaboration and Communication:
- Act as a Subject Matter Expert (SME) for ZTNA and SASE within Bosch providing technical leadership guidance and training to various teams.
- Communicate complex technical concepts to non-technical stakeholders securing buy-in and fostering understanding.
- Collaborate effectively with global IT teams business units and external partners to achieve shared objectives.
- Participate in internal and external security forums and industry events to stay abreast of emerging threats and technologies.
- Proof-of-Concept & Vendor Management:
- Lead and participate in proof-of-concept (PoC) initiatives for new ZTNA/SASE technologies and solutions.
- Manage relationships with key security vendors evaluating their offerings and ensuring alignment with Boschs strategic direction.
Qualifications :
Required Skills and Experience:
- 10 years of progressive experience in network and security architecture with a strong focus on cloud security.
- 5 years of hands-on experience designing deploying and managing large-scale ZTNA and SASE solutions in enterprise environments.
- Deep understanding and practical experience with leading SASE vendor platforms (e.g. Zscaler Palo Alto Networks Prisma Access Fortinet FortiSASE Netskope etc.).
- Proven expertise in Zero Trust principles and their practical implementation across various layers (identity device application data).
- Strong knowledge of networking protocols (TCP/IP BGP OSPF DNS HTTP/S) VPN technologies (IPsec SSL VPN) and network security concepts (firewalls IDS/IPS WAF).
- Experience with cloud platforms (Azure AWS GCP) and their security services.
- Proficiency in identity and access management (IAM) concepts and technologies (SAML OAuth OpenID Connect MFA).
- Excellent analytical problem-solving and decision-making skills.
- Strong communication presentation and interpersonal skills with the ability to influence and persuade stakeholders at all levels.
- Ability to work independently and as part of a global cross-functional team.
- Fluency in English (written and spoken).
Desired Qualifications:
- Experience with DevOps/SecDevOps practices and automation tools (e.g. Terraform Ansible).
- Knowledge of microservices architecture and container security.
- Bonus: Experience in network automation and scripting (Python Ansible RESTful APIs CI/CD GIT).
- Comfortable working on both Linux and Windows systems.
- Soft Skills:
- Excellent problem-solving abilities.
- Strong communication and consulting skills.
- Customer-oriented mindset.
- Proactive results-driven and self-organized.
- Fluent in English (written and spoken).
Additional Information
- Willingness to participate in On-Call Duty support.
- Flexibility to occasionally work outside of standard office hours.
Additional Information :
Boschs culture of innovation and digital transformation offers you a fantastic platform to grow your skills and enhance your network. We are dedicated to building a warm open transparent and inclusive work environment for all.
Work #LikeABosch:
- Employment Contract
- Competitive salary annual bonus
- Hybrid work with flexible working hours
- Referral Bonus Program
- Copyright costs for IT employees
Grow #LikeABosch:
- Complex environment of working professional support and possibility to share knowledge and best practices
- Ongoing development opportunities in a multinational environment
- Broad access to professional trainings (incl. language courses) conferences and webinars
Live #LikeABosch:
- Private medical care and life insurance
- Cafeteria System with multiple benefits (incl. MultiSport shopping vouchers cinema tickets etc.)
- Prepaid Lunch Card
- Number of benefits for families (for instance summer camps for kids)
- Non-working day on the 31st of December
Remote Work :
No
Employment Type :
Full-time
Employment Type
Full-time
