Company Description
At Bosch, we shape the future by inventing high-quality technologies and services that spark enthusiasm and enrich people’s lives. Our promise to our associates is rock-solid: we enjoy our work, we inspire each other, we provide equal growth opportunities for all team members, and all roles are represented in all countries. We grow together!
Job Description
We are seeking a highly skilled and experienced Network and Security Architect with a deep specialization in Zero Trust Network Access (ZTNA) architecture deployment and the delivery of comprehensive Secure Access Service Edge (SASE) solutions. This critical role will be instrumental in transforming Bosch's network and security posture, driving the adoption of modern, cloud-native security frameworks, and enabling secure, seamless access for our global workforce and partners.
The successful candidate will be a visionary leader with a strong technical background, capable of translating strategic security objectives into practical, scalable, and resilient architectural designs. You will play a pivotal role in shaping Bosch's future security landscape, working collaboratively with various IT and business units to ensure our security infrastructure aligns with our global innovation goals.
Key Responsibilities:
- ZTNA & SASE Architecture Leadership:
  - Lead the design, development, and evolution of Bosch's global ZTNA and SASE architecture, ensuring alignment with industry best practices, regulatory requirements, and Bosch's security policies.
  - Define architectural patterns, standards, and blueprints for ZTNA and SASE components, including Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Firewall-as-a-Service (FWaaS), Zero Trust Network Access (ZTNA), Data Loss Prevention (DLP), and advanced threat protection.
  - Evaluate and recommend new technologies, vendors, and solutions within the ZTNA/SASE ecosystem to enhance Bosch's security capabilities and optimize performance.
  - Develop and maintain the architectural roadmap for ZTNA and SASE, forecasting future needs and anticipating technological shifts.
- Deployment and Integration:
  - Oversee the end-to-end deployment of ZTNA and SASE solutions, including planning, design, implementation, testing, and go-live.
  - Collaborate with network engineering, security operations, application development, and business units to ensure seamless integration of ZTNA/SASE with existing IT infrastructure and applications.
  - Define integration strategies for identity providers (e.g., Azure AD), endpoint security solutions, and other security tools.
  - Provide expert guidance and technical leadership to implementation teams and external vendors.
- Security Policy and Governance:
  - Translate high-level security requirements into detailed ZTNA and SASE policies, rules, and configurations.
  - Develop and enforce security standards and guidelines for secure access, data protection, and threat prevention within the SASE framework.
  - Contribute to the continuous improvement of Bosch's overall security posture by identifying gaps and recommending proactive measures.
  - Ensure compliance with relevant data privacy regulations (e.g., GDPR) and industry standards.
- Performance and Optimization:
  - Monitor and analyze the performance of ZTNA and SASE solutions, identifying bottlenecks and proposing optimization strategies.
  - Develop and implement strategies for traffic steering, policy enforcement, and user experience optimization.
  - Conduct regular security audits and assessments of the ZTNA/SASE infrastructure.
- Collaboration and Communication:
  - Act as a Subject Matter Expert (SME) for ZTNA and SASE within Bosch, providing technical leadership, guidance, and training to various teams.
  - Communicate complex technical concepts to non-technical stakeholders, securing buy-in and fostering understanding.
  - Collaborate effectively with global IT teams, business units, and external partners to achieve shared objectives.
  - Participate in internal and external security forums and industry events to stay abreast of emerging threats and technologies.
- Proof-of-Concept & Vendor Management:
  - Lead and participate in proof-of-concept (PoC) initiatives for new ZTNA/SASE technologies and solutions.
  - Manage relationships with key security vendors, evaluating their offerings and ensuring alignment with Bosch's strategic direction.
Qualifications
Required Skills and Experience:
- 10+ years of progressive experience in network and security architecture, with a strong focus on cloud security.
- 5+ years of hands-on experience designing, deploying, and managing large-scale ZTNA and SASE solutions in enterprise environments.
- Deep understanding and practical experience with leading SASE vendor platforms (e.g., Zscaler, Palo Alto Networks Prisma Access, Fortinet FortiSASE, Netskope, etc.).
- Proven expertise in Zero Trust principles and their practical implementation across various layers (identity, device, application, data).
- Strong knowledge of networking protocols (TCP/IP, BGP, OSPF, DNS, HTTP/S), VPN technologies (IPsec, SSL VPN), and network security concepts (firewalls, IDS/IPS, WAF).
- Experience with cloud platforms (Azure, AWS, GCP) and their security services.
- Proficiency in identity and access management (IAM) concepts and technologies (SAML, OAuth, OpenID Connect, MFA).
- Excellent analytical, problem-solving, and decision-making skills.
- Strong communication, presentation, and interpersonal skills with the ability to influence and persuade stakeholders at all levels.
- Ability to work independently and as part of a global, cross-functional team.
- Fluency in English (written and spoken).
Desired Qualifications:
- Experience with DevOps/SecDevOps practices and automation tools (e.g., Terraform, Ansible).
- Knowledge of microservices architecture and container security.
- Bonus: Experience in network automation and scripting (Python, Ansible, RESTful APIs, CI/CD, Git).
- Comfortable working on both Linux and Windows systems.
- Soft Skills:
  - Excellent problem-solving abilities.
  - Strong communication and consulting skills.
  - Customer-oriented mindset.
  - Proactive, results-driven, and self-organized.
  - Fluent in English (written and spoken).
Additional Information
- Willingness to participate in On-Call Duty support.
- Flexibility to occasionally work outside of standard office hours.
Bosch’s culture of innovation and digital transformation offers you a fantastic platform to grow your skills and enhance your network. We are dedicated to building a warm, open, transparent, and inclusive work environment for all.
Work #LikeABosch:
- Employment Contract
- Competitive salary + annual bonus
- Hybrid work with flexible working hours
- Referral Bonus Program
- Copyright costs for IT employees
Grow #LikeABosch:
- A complex working environment, professional support and the opportunity to share knowledge and best practices
- Ongoing development opportunities in a multinational environment
- Broad access to professional trainings (incl. language courses), conferences and webinars
Live #LikeABosch:
- Private medical care and life insurance
- Cafeteria System with multiple benefits (incl. MultiSport, shopping vouchers, cinema tickets, etc.)
- Prepaid Lunch Card
- A number of benefits for families (for instance, summer camps for kids)
- Non-working day on the 31st of December