Senior Network Security Engineer - OT

We are seeking a Senior Network Security Engineer (OT) to assist us in designing and implementing firewall and network access control (NAC) technology solutions across IT and OT networks. The Senior Network Security Engineer will contribute to delivering various technical products in collaboration with other engineers, architects, and operational support teams., The Senior Network Security Engineer will be part of the team responsible for developing and supporting Elanco's Network Security Platform. The team collaborates closely with technical service owners, architects, and the operations team to continuously raise the reliability bar for our services while guiding the adoption of Elanco's network and security platform. The team provides direction for implementing modern technologies and a zero-trust strategy throughout all stages of the service development life cycle., * Partner with InfoSec and Network Architecture to define and evolve enterprise firewall, NAC, and segmentation architecture across corporate and manufacturing environments.

• Lead design, implementation, and lifecycle management of Palo Alto firewall policies, zone-based segmentation, and security services, including secure north-south and east-west controls.
• Design and enforce segmentation strategies aligned to Purdue Model principles in manufacturing networks, balancing cybersecurity, availability, safety, and regulatory requirements.
• Apply security controls with awareness of industrial protocols such as Modbus/TCP, EtherNet/IP (CIP), PROFINET, OPC/OPC-UA, DNP3, and BACnet, accounting for legacy systems and deterministic traffic flows.
• Own medium- to high-complexity firewall and NAC initiatives from design through operational handover, including structured documentation and runbooks.
• Design and implement Network Security Policy Management (NSPM) solutions to support rule lifecycle governance, risk analysis, attestation, and compliance validation.
• Drive policy lifecycle management across firewalls and NAC, including rule review, optimization, consolidation, and risk reduction.
• Conduct and influence network security design reviews in collaboration with InfoSec, TechOps, and site IT/OT stakeholders.
• Ensure all solutions are secure-by-design and compliant with IT Security, Privacy, Quality, and regulatory standards (including GxP where applicable).
• Continuously assess and improve the overall network security posture through threat-informed adjustments and evaluate the capability of emerging capabilities.
• Provide senior-level technical leadership, mentorship, and cross-functional security consultancy.

Do you have experience in VPN?, Do you have a Bachelor's degree?, Education : EQUIVALENTEXPERIENCE, * 5+ years of network security engineering experience, including hands-on design and administration of Palo Alto Networks next-generation firewalls

• Experience with Palo Alto Panorama, logging infrastructure, Global Protect VPN, licensing, and related cloud-delivered security services
• Proven experience designing and implementing segmentation strategies in enterprise and manufacturing/OT-heavy environments
• Experience in engineering or administering a Network Access Control platform (e.g., Forescout CounterACT), including visibility, classification, and enforcement workflows
• Experience designing and implementing an NSPM solution for firewall rule governance, compliance validation, and lifecycle management
• Understanding of industrial control system (ICS) environments and common OT protocols (Modbus, EtherNet/IP, PROFINET, OPC/UA, DNP3, BACnet)
• Experience maturing network security controls, procedures, and policy governance processes
• Working knowledge of routing and switching fundamentals to support firewall integration (e.g., OSPF, Cisco switching)
• Understanding of Zero Trust principles, micro-segmentation, application identity, and distributed enforcement models
• Demonstrated ability to analyze large firewall rulesets and identify optimization, consolidation, and risk reduction opportunities
• Strong written and verbal communication skills with experience producing high- and low-level designs, diagrams, and operational documentation

What will give you a competitive edge (preferred qualifications):

• Experience deploying and integrating Palo Alto VM-Series firewalls within Azure or GCP cloud environments.
• Experience working in manufacturing, OT, or other regulated environments with an understanding of industrial systems and operational constraints
• Experience with Forescout CounterACT or other enterprise NAC platforms in complex environments
• Experience with NSPM tools such as AlgoSec or Tufin
• Experience with Meraki MX security policy design and cloud-managed security platforms
• Experience collaborating with vendors, third parties, and MSPs in regulated or production environments
• Exposure to Agile delivery models and cross-functional security project execution
• Relevant certifications such as Palo Alto Networks (PCNSE), Cisco CCNP Security, CISSP, or equivalent, Bachelor's Degree or commensurate industry experience

As a global leader in animal health, we are dedicated to innovation and delivering products and services to prevent and treat disease in farm animals and pets. At Elanco, we are driven by our vision of Food and Companionship Enriching Life and our purpose - all to Go Beyond for Animals, Customers, Society and Our People. At Elanco, we pride ourselves on fostering a diverse and inclusive work environment. We believe that diversity is the driving force behind innovation, creativity, and overall business success. Here, you'll be part of a company that values and champions new ways of thinking, work with dynamic individuals, and acquire new skills and experiences that will propel your career to new heights. Making animals' lives better makes life better - join our team today!