Network Security Controls Senior Manager

About The Position

Requirements

• Bachelor’s degree or higher
• 10+ years of experience in systems engineering, systems integration, software engineering, electrical engineering, certification, network security and/or cybersecurity
• 10+ years of experience with security risk analysis, network communication concepts, principles and architectures, associated with network planning, design, integration and maintenance
• 10+ years of experience working on teams and projects that involve cross-functional and/or cross-business domains with executive interface experience
• 5+ years of experience Palo Alto Networks firewall
• 3+ years of experience with Zero Trust principles and architecture, including identity-driven access enforcement, micro segmentation, and policy-based controls
• 3+ years of experience as a manager of people

Nice To Haves

• Master's or higher in Computer Science, Cybersecurity, Information Technology, or related field
• One or more recognized industry certifications such as CISSP, CCSP, or equivalent
• Zscaler certifications (Zscaler Certified Cybersecurity Associate, Zscaler Digital Transformation Architect, or equivalent)
• Palo Alto Networks certifications (PCNSE, PCDRA, or equivalent)
• Experience leading a Zero Trust program or a major SASE/SSE migration in a large enterprise environment
• Experience integrating network security capabilities with identity systems (Entra ID, Okta, Ping, or equivalent), particularly for ZTNA and conditional access scenarios
• Experience with public cloud security across AWS, Azure, or Google Cloud, including cloud-native network security controls (security groups, VPCs, cloud WAF, cloud firewalls)
• Experience with regulatory/compliance frameworks (SOC2, ISO27001, FedRAMP, PCI, HIPAA, NIST CSF) and how to operationalize controls in network security
• Experience with NAC platforms (Cisco ISE, Aruba ClearPass), DNS security (Cisco Umbrella, Infoblox), or NDR platforms (ExtraHop, Vectra, Darktrace)
• Experience with infrastructure-as-code (Terraform, Ansible) and policy-as-code practices for network security automation
• Experience with vendor and contract management experience with major cyber vendors, including quarterly business reviews and negotiation participation

Responsibilities

• Lead, mentor, and grow a multi-discipline network security engineering team (7–12 direct reports) supporting firewalls, virtual private network/remote access (VPN), zero trust network access (ZTNA), secure access service edge/secure service edge (SASE/SSE), web and domain name system (DNS) filtering, network access control (NAC), micro-segmentation, wireless, Wi-Fi, and network detection capabilities
• Define and execute the network security product roadmap aligned to enterprise zero trust priorities and the broader Cyber Protection & Defense strategy
• Drive the networking portions of the enterprise Zscaler implementation — including Zscaler Internet Access (ZIA: secure web gateway, cloud firewall, uniform resource locator (URL) filtering, secure sockets layer (SSL) inspection, cloud sandbox) and Zscaler Private Access (ZPA: zero trust network access for private applications)
• Build and maintain the network security control plane: design, engineering, and lifecycle management of Palo Alto Networks next-generation firewalls, GlobalProtect, Prisma, web and domain name system (DNS) filtering, web application firewall (WAF) and distributed denial-of-service (DDoS) solutions, network access control (NAC) and micro-segmentation tooling, and network detection
• Champion modern engineering practices including infrastructure as code for network security policy, automated testing of controls, and continuous improvement of the engineering and delivery experience
• Partner with other cyber control areas — identity and access management (IAM), endpoint controls, data security, application security, and cloud security — to bring zero trust to the Cyber organization through joint policy design, integration patterns, and shared metrics
• Establish and maintain the operational hand-off model with the Infrastructure & Operations organization for day-to-day support, patching, and incident handling of network security infrastructure
• Manage vendor relationships and contracts with Palo Alto Networks, Zscaler, and other network security vendors; conduct quarterly business reviews, evaluate new tools, and drive adoption where appropriate
• Perform as company independent system of record (ISO) control owner for network security controls. Manage integration and closure of security findings of network systems and reconcile with Boeing policies and ISO controls.
• Act as organizational interface to corporate audit and sustainability of network security processes with corporate audit and Boeing policy compliance
• Support Information Security organizational consultant to Business Units and other information technology (IT) organizations to influence adoption of, and compliance with, security policies, practices, and network controls. Ensure business units understand corporate policies and Department of Defense (DoD) network security positions when developing systems that rely on the corporate network
• Manage, support, and maintain the messaging backbone service to ensure Boeing email is secure from spam, junk, malware, and phishing
• Manage and own network filtering rules for International Traffic in Arms Regulations (ITAR) proscribed countries and non-Boeing access filter globally
• Own capacity planning, cost management, and platform health reporting for network security services
• Hire, retain, and develop senior individual contributors and team leads; drive career development plans and performance reviews
• Provide cost, risk, and impact analysis for network security design and operational decisions; present to executive stakeholders

Benefits

• health insurance
• flexible spending accounts
• health savings accounts
• retirement savings plans
• life and disability insurance programs
• paid and unpaid time away from work