Senior Engineering Manager – Network Security Engineering

A.P. Moller Maersk is the global leader in container shipping services. The business operates in 130 countries and employs c. 90000 staff. An integrated container logistics company Maersk aims to connect and simplify its customers supply chains. Joining Maersk will embark you on a transformational journey with great opportunities for career development within a global organization. As a Network Security Engineering Manager you will lead a global engineering team that delivers secure reliable network security services as internal products - automation-first measurable and built to scale across a highly distributed enterprise. You will be exposed to a wide and challenging range of needs and opportunities requiring you to engage closely with stakeholders across all management levels within Maersk as you mature evolve and operate our portfolio of network security capabilities to become world class.

The Brief

A globally focused shipping and transportation organisation is continuing to drive an ambitious and complex change and transformational programme to deliver a service of excellence for its customers and clients worldwide. The Global CTIO has a mandate from the Maersk board to lead the Technology transformation of Maersk which will enable the Maersk business strategy to become the global integrator of container logistics through digitising the Maersk business processes and customer engagement.

The Technology function is fundamental to enable the companys transformation and in response to this demand our in-house technological capability is growing exponentially. We are recruiting world class talent to ensure that the technology services are modernised to enable Maersk to become a logistics integrator leveraging a competitive advantage through technology.

Why this job matters

The Network Architecture & Engineering function is pivotal to our transformation responsible for the engineering of network and network security capabilities that provide the digital connectivity backbone for Maersk - connecting people platforms assets and value-chain partners.

Reporting to the Director Network Architecture & Engineering you will serve as Senior Engineering Manager for Network Security Engineering. You will be accountable for the design build and L2/L3 operation of key network security products run as product-led internal services with clear roadmaps measurable reliability and automation-first delivery.

It has a critical role to play as we continue to develop our long-term multi-technology and multi-product network and network security capabilities connecting our asset sites and people on land and at sea. Delivering best in class global connectivity and network security services that not only meet the need of our business today but will be a differentiator enabling our colleagues and partners with technology solutions that are a catalyst for productivity and innovation.

Scope

Network security services protect Maersk environments across core data center cloud and edge locations (offices warehouses terminals data centres and co-location facilities). Services include:

Core/Data Center firewall platforms (NGFW) (and related policy governance/operations)

Secure Web Gateway (SWG)

Partner/contractor connectivity security controls (VPN network-side patterns enforcement requirements and governance in collaboration with cybersecurity organization)

AAA / Privileged Network Access (TACACS/RADIUS) and NAC platform services (incl. policy/identity integrations and governance)

Out-of-Band (OOB) management for network infrastructure (secure break-glass access and recoverability)

Branch egress & segmentation governance delivered via the branch connectivity enforcement stack (embedded firewall capability) plus full ownership of any standalone branch NGFW deployments where required

What Ill be doing your accountabilities

Lead a global engineering team delivering network security platforms as internal products with clear ownership of reliability and operational outcomes.

Own the product engineering lifecycle for network security services: roadmap execution modernization technical debt management and continuous improvement.

Establish and operate measurable reliability management: define service indicators and objectives monitor service health and drive improvement based on data incidents and customer experience.

Drive automation-first delivery: embed Infrastructure-as-Code and CI/CD practices into network change delivery with safe deployment patterns (validation progressive rollout rollback).

Partner with the Network Operational Inteliigence teams to adopt golden automation patterns and scale self-service onboarding for engineering teams.

Collaborate closely with enterprise network architecture to align to standards patterns and guardrails while enabling high-speed delivery with minimal friction.

Define scalable policy governance and guardrails (e.g. segmentation and egress controls) that can be consumed as-a-service by other teams - reducing handoffs and enabling fast flow.

Partner with product ops to ensure services are clearly described in the catalog cost drivers are transparent and vendor interfaces support product outcomes.

Enable integration and standardization of newly acquired environments into Maersks standard network security platforms controls and operating model.

Own cost leadership and total cost of ownership (TCO) for Core services - set targets optimize capacity and carriers partner with Product Operations and vendors - maintaining SLOs while reducing cost-to-serve.

Build strong stakeholder relationships across infrastructure and security domains; define crisp interfaces and decision boundaries that reduce handoffs and ambiguity.

Develop engineering talent create an inclusive culture and foster an environment of ownership learning and continuous improvement.

The Candidate

To be considered for this opportunity candidates will have the following core capabilities and technical expertise.

Core Capabilities

15 years of experience in enterprise network security engineering in global multi-vendor environments including senior engineering leadership.

Proven record leading build-and-run services combining engineering operations and automation disciplines.

Detailed network design engineering integration optimisation knowledge and expertise across all 7 layers of the OSI stack with the ability to employ in both physical and virtual contexts.

Strong product-led mindset for internal platforms: clear service contracts adoption/onboarding focus and customer outcomes orientation.

Effective stakeholder leadership across infrastructure and cyber security teams able to define decision boundaries and scalable interfaces.

Leadership in design and operations with a track record of promoting diversity and creating an inclusive working environment.

Technical Expertise

Deep experience operating NGFW platforms and managing policy lifecycle and governance; familiarity with policy assurance practices/tooling is a plus (Checkpoint Palo Alto Fortinet Cisco or similar).

Experience integrating with firewall assurance platforms (Firemon Tufin or similar).

Experience running web security gateway services and leading transitions from legacy web security to modern secure access approaches (Bluecoat Websense F5 WSS Zscaler Prisma or similar).

Strong expertise in AAA and NAC (TACACS/RADIUS/NAC) and identity integrations in complex enterprise environments.

Hands-on proficiency with network automation using Infrastructure-as-Code concepts and modern delivery practices (catalog driven orchestration automated validation controlled rollout CI/CD Python NETCONF/RESTCONF/YANG Ansible/Terraform/Cloud Formation AIOps).

Working knowledge of Zero Trust concepts and enterprise migration considerations (ZTNA NIST 800-207).

Understanding of hybrid network security patterns across core cloud and edge including segmentation and branch enforcement designs.

Operational observability and reliability practices: actionable telemetry monitoring design incident learning and service performance reporting.

Knowledge in traditional network domains such as routing & switching network content engineering WAF NTP/PTP and DDI.

Practitioner understanding of cloud networking cloud network security best practices NFV and hybrid WAN/Internet edge designs (cloud/virtual networking SDN SD-WAN).

Ability to operate effectively in a product-led multi-team model with platform enablement product operations and service assurance interfaces.

CISSP/CISM certification is a plus.

Your Mindset

Automation-first: eliminate repetitive work through code and self-service.

Operational excellence: reliability observability and recovery speed are design principles not afterthoughts.

Continuous improvement: use incidents data and feedback loops to improve services sustainably.

Customer-focused: build secure services that reduce friction and enable productivity.

Collaborative and transparent: enable fast flow by creating clear interfaces and minimizing handoffs.

Growth-oriented Leader: develop people not just products creating a culture of curiosity and ownership.

The Impact Youll Make

Within 1218 months your leadership will help to:

Deliver globally consistent network security services with clear ownership and measurable performance.

Embed automation and observability across network security platforms to reduce manual work and improve reliability.

Simplify and standardize firewall SWG partner access patterns AAA/NAC and OOB operations through self-service and safe delivery practices.

Improve the reliability resilience and security posture of the global network.

Position Network Architecture and Engineering as a trusted enabler of secure seamless business connectivity not just an infrastructure provider.

Why Join

You will join a global team modernizing how infrastructure services are designed delivered and operated - moving to a product-led model that emphasizes customer outcomes reliability automation and scalable platform interfaces.

#LI-SS1

#LI-POST

Maersk is committed to a diverse and inclusive workplace and we embrace different styles of thinking. Maersk is an equal opportunities employer and welcomes applicants without regard to race colour gender sex age religion creed national origin ancestry citizenship marital status sexual orientation physical or mental disability medical condition pregnancy or parental leave veteran status gender identity genetic information or any other characteristic protected by applicable law. We will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

We are happy to support your need for any adjustments during the application and hiring process. If you need special assistance or an accommodation to use our website apply for a position or to perform a job please contact us by emailing .