Principal Security Network Engineer

At Elanco (NYSE: ELAN) – it all starts with animals!

As a global leader in animal health, we are dedicated to innovation and delivering products and services to prevent and treat disease in farm animals and pets. We’re driven by our vision of ‘Food and Companionship Enriching Life’ and our approach to sustainability – the Elanco Healthy Purpose™ – to advance the health of animals, people, the planet and our enterprise.

At Elanco, we pride ourselves on fostering a diverse and inclusive work environment. We believe that diversity is the driving force behind innovation, creativity, and overall business success. Here, you’ll be part of a company that values and champions new ways of thinking, work with dynamic individuals, and acquire new skills and experiences that will propel your career to new heights.

Making animals’ lives better makes life better – join our team today!

We are seeking a Principal Network Security Engineer to assist us in designing and implementing firewall and network access control (NAC) technology solutions across IT and OT networks. The Principal Network Security Engineer will contribute to delivering various technical products in collaboration with other engineers, architects, and operational support teams.  

The Principal Network Security Engineer will be part of the team responsible for developing and supporting Elanco’s Network Security Platform. The team collaborates closely with technical service owners, architects, and the operations team to continuously raise the reliability bar for our services while guiding the adoption of Elanco’s network and security platform. The team provides direction for implementing modern technologies and a zero-trust strategy throughout all stages of the service development life cycle.  

Your Responsibilities: 

• Work with the Network Architect to design, develop and maintain the enterprise security architecture. 

• Ensure that all projects have an Operations hand over plan, including creating and maintaining appropriate documentation and knowledge articles to ensure our solutions are easily understood and well recorded, in accordance with regulatory standards. 

• Oversee firewall and NAC security projects within the organization. 

• Be the ultimate escalation point for issues in Operations. 

• Help provide technical direction, consultancy, and mentorship to junior engineers, the network security team, and infrastructure operations teams. 

• Focus on the creation and execution of medium to high complexity firewall tasks. 

• Drive medium to high complexity NAC engineering projects. 

• Work with InfoSec and TechOps teams to improve the execution of network security design reviews by the operational team. 

• Interact with Operations support teams as part of the technology lifecycle and report back on operational challenges. 

• Provide business IT consultancy to ensure services are secured by design. 

• Deliver network security engineering projects per agreed policies, processes, and procedures. 

• Ongoing policy review and adjustment to maintain and develop our security posture. 

• Proactively research emerging technologies, approaches, and the overall threat landscape to enhance Elanco’s network security posture. 

• Set and ensure the delivered solution meets technical, architectural, and application principles and complies with our IT Security, Privacy, and Quality needs. 

• Actively building and staying abreast of emerging technologies, guiding teams on how to interpret and best leverage the emerging technologies. 

• Engaging in the community (internally and externally) across multiple channels, looking to share, educate, and inspire. 
  
   

What You Need to Succeed (minimum qualifications): 

• Education: Bachelor’s Degree or commensurate industry experience 
   

• At least 5 years’ experience in network security engineering and design, including hands-on experience with next-generation firewalls, which must include Palo Alto Networks. 

• Experience in designing, building, and documenting technical solutions. 

• Experience with implementing and maturing network security controls and procedures. 

• Experience with routing protocols (OSPF), Cisco switching, Palo Alto Global Protect VPN. 

• Experience maintaining Palo Alto Panorama, Logger, licensing, and other Palo Alto Cloud solutions. 

• Understanding of the principles of a Network Access Control system. 

• Familiar with Zero Trust Network and Zero Trust Edge adoption. 

• Understanding of modern security architectures, e.g., micro-segmentation, application identity, and distributed firewalls. 

• Strong communication skills with multiple examples of being able to convey complex ideas in a manner that resulted in a definitive direction and result 

• Strong personal & work organisational skills, including documentation such as diagramming, creation/modification of high and low-level designs, knowledge base articles, etc.  

• Ability to analyse rulesets and identify opportunities for enhancement through rule consolidation, audit, etc.  

• Typical Utilization Profile: 

• 25% Focus on high complexity changes: lab, pilot, execution in production environments, and handover to operations  

• 25% Roadmap, vision, and expansion of firewall service line/offering 

• 25% Roadmap, vision, and expansion of our NAC service line/offering  

• 25% Team guidance, mentorship, and documentation maintenance   
   

What will give you a competitive edge (preferred qualifications): 

• Familiar with scripting and automation 

• Experience with public cloud platforms (Azure or GCP), including integration of Palo Alto VM series firewalls into cloud networks  

• Experience with OT, manufacturing, or other regulated environments 

• Experience with common OT systems and protocols 

• Experience with Forescout CounterACT NAC or other enterprise NAC solutions 

• Experience with Meraki MX Series Security Policy  

• Experience working with vendors and MSPs 

• Strong passion for new technologies, new ideas, and creative ways of thinking 

• Agile exposure and experience  

• Palo Alto, Cisco CCNP-Security, CISSP, or other security certification 

Additional Information: 

• Travel: 0-10% 

• Location: Hook, UK -  Hybrid Work Environment 
   

Don’t meet every single requirement? Studies have shown underrepresented groups are less likely to apply to jobs unless they meet every single qualification. At Elanco we are dedicated to building a diverse and inclusive work environment. If you think you might be a good fit for a role but don't necessarily meet every requirement, we encourage you to apply. You may be the right candidate for this role or other roles!  

Elanco is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status