Requirements

Operating system

Windows

Our requirements

• Required Skills and Experience:
• 10+ years of progressive experience in network and security architecture, with a strong focus on cloud security.
• 5+ years of hands-on experience designing, deploying, and managing large-scale ZTNA and SASE solutions in enterprise environments.
• Deep understanding and practical experience with leading SASE vendor platforms (e.g., Zscaler, Palo Alto Networks Prisma Access, Fortinet FortiSASE, Netskope, etc.).
• Proven expertise in Zero Trust principles and their practical implementation across various layers (identity, device, application, data).
• Strong knowledge of networking protocols (TCP/IP, BGP, OSPF, DNS, HTTP/S), VPN technologies (IPsec, SSL VPN), and network security concepts (firewalls, IDS/IPS, WAF).
• Experience with cloud platforms (Azure, AWS, GCP) and their security services.
• Proficiency in identity and access management (IAM) concepts and technologies (SAML, OAuth, OpenID Connect, MFA).
• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication, presentation, and interpersonal skills with the ability to influence and persuade stakeholders at all levels.
• Ability to work independently and as part of a global, cross-functional team.
• Fluency in English (written and spoken).
• Desired Qualifications:
• Experience with DevOps/SecDevOps practices and automation tools (e.g., Terraform, Ansible).
• Knowledge of microservices architecture and container security.
• Bonus: Experience in network automation and scripting (Python, Ansible, RESTful APIs, CI/CD, GIT).
• Comfortable working on both Linux and Windows systems.
• Soft Skills:
• Excellent problem-solving abilities.
• Strong communication and consulting skills.
• Customer-oriented mindset.
• Proactive, results-driven, and self-organized.
• Fluent in English (written and spoken).
• Additional Information
• Willingness to participate in On-Call Duty support.
• Flexibility to occasionally work outside of standard office hours.

Your responsibilities

• ZTNA & SASE Architecture Leadership:
• Lead the design, development, and evolution of Bosch's global ZTNA and SASE architecture, ensuring alignment with industry best practices, regulatory requirements, and Bosch's security policies.
• Define architectural patterns, standards, and blueprints for ZTNA and SASE components, including Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Firewall-as-a-Service (FWaaS), Zero Trust Network Access (ZTNA), Data Loss Prevention (DLP), and advanced threat protection.
• Evaluate and recommend new technologies, vendors, and solutions within the ZTNA/SASE ecosystem to enhance Bosch's security capabilities and optimize performance.
• Develop and maintain the architectural roadmap for ZTNA and SASE, forecasting future needs and anticipating technological shifts.
• Deployment and Integration:
• Oversee the end-to-end deployment of ZTNA and SASE solutions, including planning, design, implementation, testing, and go-live.
• Collaborate with network engineering, security operations, application development, and business units to ensure seamless integration of ZTNA/SASE with existing IT infrastructure and applications.
• Define integration strategies for identity providers (e.g., Azure AD), endpoint security solutions, and other security tools.
• Provide expert guidance and technical leadership to implementation teams and external vendors.
• Security Policy and Governance:
• Translate high-level security requirements into detailed ZTNA and SASE policies, rules, and configurations.
• Develop and enforce security standards and guidelines for secure access, data protection, and threat prevention within the SASE framework.
• Contribute to the continuous improvement of Bosch's overall security posture by identifying gaps and recommending proactive measures.
• Ensure compliance with relevant data privacy regulations (e.g., GDPR) and industry standards.
• Performance and Optimization:
• Monitor and analyze the performance of ZTNA and SASE solutions, identifying bottlenecks and proposing optimization strategies.
• Develop and implement strategies for traffic steering, policy enforcement, and user experience optimization.
• Conduct regular security audits and assessments of the ZTNA/SASE infrastructure.
• Collaboration and Communication:
• Act as a Subject Matter Expert (SME) for ZTNA and SASE within Bosch, providing technical leadership, guidance, and training to various teams.
• Communicate complex technical concepts to non-technical stakeholders, securing buy-in and fostering understanding.
• Collaborate effectively with global IT teams, business units, and external partners to achieve shared objectives.
• Participate in internal and external security forums and industry events to stay abreast of emerging threats and technologies.
• Proof-of-Concept & Vendor Management:
• Lead and participate in proof-of-concept (PoC) initiatives for new ZTNA/SASE technologies and solutions.
• Manage relationships with key security vendors, evaluating their offerings and ensuring alignment with Bosch's strategic direction.