Network Security Enforcement Product Owner

Liebherr
Municipality of Madrid, Spain
12 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Municipality of Madrid, Spain

Tech stack

Cloud Computing
Cloud Engineering
Computer Security
Information Systems
Computer Networks
Network Security
Routing
Network Segmentation
Zero Trust Network Access
TCP/IP
Virtual Local Area Networks
Wide Area Networks
Computer Networking Systems
Load Balancing
Cloud Platform System
Technical Debt
Firewalls (Computer Science)
Information Technology
Palo Alto Networks
Fortinet
Cisco networks

Job description

This is a hands-on, senior engineering role with end-to-end responsibility for network traffic control, covering both north-south and east-west flows, across on-premises, hybrid, and cloud environments.

You will be the technical authority for segmentation strategy, firewall platforms, and firewall governance. Vendor brand is secondary; strong networking fundamentals, security architecture reasoning, and engineering judgment are mandatory.

This role reports to the Head of Network Security.

The working location for this position will be in Madrid city, where we operate a hybrid model, requiring at least 40% of the working time on-site.

Creating passion: your responsibilities

Product & Service Ownership

  • Own the Segmentation & Firewall service end-to-end, including:
      • Network segmentation (macro and microsegmentation).
      • Firewall platforms (physical, virtual, cloud, FWaaS).
      • Firewall governance and policy lifecycle.
  • Define and maintain segmentation models, firewall standards, and reference architectures.
  • Act as the primary technical point of contact for all segmentation and firewall-related topics.
  • Drive service evolution through roadmap planning, technical debt reduction, and continuous improvement.

Engineering & Operations

  • Operate as L2/L3 escalation for firewall and segmentation-related incidents:
      • Deep technical troubleshooting.
      • Ownership of incidents from escalation to closure.
      • Vendor coordination for high-severity cases.
      • Delivery of Root Cause Analysis (RCA) and corrective actions.
  • Ensure firewall platforms are:
      • Properly configured and hardened.
      • Running supported and recommended software versions.
      • Maintained with controlled, tested policy changes.
  • Own hardware, virtual appliance, and subscription lifecycles.

Enablement & Leadership

  • Work closely with:
      • Network engineering teams, Cloud and platform teams, Application and WAS owners, SOC and incident response teams.
  • Provide technical guidance and training to internal engineers and external partners.
  • Act as a reference authority in insourced or outsourced / MSSP models.

Requirements

  • Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or a related field.
  • Strong background in network engineering, including TCP/IP, routing, VLANs, VRFs, network traffic flows, and trust boundaries.
  • Solid understanding of network security architecture principles.
  • Ability to reason about complex environments and failure modes.
  • Proven hands-on experience operating enterprise firewall platforms.
  • Strong understanding of:
      • Stateful vs stateless inspection.
      • L3-L7 policy enforcement.
      • East-west and north-south traffic control.
  • Experience designing and operating segmentation and microsegmentation models.
  • Familiarity with FWaaS and cloud-native firewall constructs.
  • Strong experience with firewall policy management and assurance platforms in multi-vendor environments, including how to operate them in line with industry best practices.
  • Practical understanding of how such platforms support:
      • Policy compliance.
      • Risk analysis.
      • Change validation.
      • Audit and reporting requirements.
  • Working knowledge of load balancing, IPAM, WAN technologies, and virtualized and cloud networking.
  • Exposure to SASE concepts (FWaaS, ZTNA, SWG) is an advantage.
  • Experience with one or more of the following vendors is beneficial, but vendor lock-in is not expected: Palo Alto Networks, Check Point, Fortinet, Cisco, Cloud and FWaaS providers.
  • Relevant vendor or industry certifications are valued.
  • Fluency in English (written and spoken).

Benefits & conditions

  • Competitive compensation and benefits package that recognizes your expertise
  • Flexible and hybrid working model
  • Creative freedom and responsibility to shape processes and solutions in our global transformation
  • Continuous learning and development with tailored training and certification opportunities
  • Meal vouchers
  • Life and accident insurance
  • Option to include a premium private health insurance package as part of the flexible remuneration
  • A safe, stable and international workplace within a trusted family business that invests in people

About the company

At Liebherr, we believe people are at the heart of our success. As part of our international team, you'll enjoy a secure role in a family-owned company that values innovation, collaboration, and long-term career growth. Liebherr is a family-run technology company that is not only one of the largest construction machinery manufacturers in the world, but also offers high-quality, user-oriented products and services in many other areas. The Group employs nearly 50,000 people in more than 140 companies on all continents.
