Zero Trust Architecture & Operations Lead

About The Position

Requirements

• 8+ years of relevant work experience with a Bachelor’s in Computer Science, Information Technology, Electrical/Computer Engineering or related field (required). 6 years with a Master's, 3 years with a PhD
• Strong ability to develop, document, and refine SOPs for technical teams, including Service Desk operations.
• Advanced troubleshooting and problem-solving skills, with experience addressing complex technical issues for both internal teams and end users.
• Proven ability to deliver targeted technical training, user outreach, and security awareness programs.
• Experience operating Zero Trust and SASE solutions within large, complex enterprise or federal environments, including collaboration across cybersecurity, infrastructure, and application teams.
• Must be a US Citizen with the ability to obtain a Public Trust clearance
• Zscaler Private Access (ZPA)
• Thorough understanding of ZPA functions, configuration, policy creation, and component discovery, including application segmentation, connector deployment models, and access policy optimization.
• Zscaler Internet Access (ZIA)
• Expertise in configuring and optimizing ZIA, including tunnel setups, traffic inspection policies, bypass configurations, and aggregated egress, with a focus on performance, security enforcement, and user experience.
• Zscaler Digital Experience (ZDX)
• Proficiency in configuring, monitoring, and reporting within ZDX to drive continuous user experience improvements, including proactive identification of performance and access issues.
• Zscaler Client Connector (ZCC)

Responsibilities

• Serve as a technical authority representing the Department of Labor Zero Trust program, ensuring best-in-class security practices and operational excellence.
• Implement, manage, and refine cloud-based SASE solutions in alignment with the Department’s Zero Trust framework, security roadmap, and Zero Trust maturity model objectives.
• Assess and validate SASE platform capabilities, ensuring consistent application of standard configurations, policy-as-code approaches where applicable, and security policies across the enterprise.
• Provide expert-level guidance on identity and authentication, network security, and cloud security solutions to internal teams and leadership, including integration with enterprise identity providers, multi-factor authentication, conditional access, and device posture validation.
• Develop, maintain, and coordinate SOPs that support the implementation and continuous improvement of Zero Trust security controls, including Service Desk intake, escalation paths, change procedures, and operational runbooks.
• Diagnose and resolve complex, escalated technical issues with efficiency and accuracy, serving as the highest-level operational escalation point for Zero Trust and SASE-related incidents.
• Engage with stakeholders to understand security requirements, design Zero Trust solutions, and deliver technical support and knowledge-sharing sessions.
• Deliver Zero Trust awareness and training programs, ensuring employees understand security expectations and remain compliant with all applicable regulations and Department security policies.
• Assist with documentation of business rules and workflows in ServiceNow and assess overall SASE user experience for continuous improvement.
• Identify automation opportunities, analyze operational gaps, and recommend strategic improvements to strengthen platform capabilities, including the use of APIs, automation, and standardized templates to improve consistency and reduce operational overhead.
• Implement Zero Trust controls, conduct risk assessments, develop mitigation strategies, and collaborate with teams to ensure secure integration across systems spanning identity, endpoint, network, application, and data access layers.
• Coordinate closely with Business Application Services, Operations, Network Services, and the Cyber Security Division to deploy security controls and support secure application and system operations through disciplined change, release, and configuration management processes.
• Provide ongoing technical support and serve as a trusted advisor on Zero Trust-related security issues for employees and stakeholders.
• Support security monitoring, audit, and incident response activities by integrating Zscaler telemetry and logs with enterprise SIEM and monitoring platforms, assisting with investigations, root-cause analysis, and post-incident improvements.
• Define, track, and report Zero Trust operational metrics and key performance indicators (KPIs), including adoption, user experience, access performance, and risk reduction outcomes, to technical and executive leadership.
• Ensure Zero Trust and SASE operations support compliance with federal security requirements, including FISMA, FedRAMP-authorized cloud services, and Authority to Operate (ATO) processes.