Zscaler Network Security Engineer (Adv) - U.S. Citizenship Required

About The Position

Requirements

• Due to the nature of the contract requirements, U.S. citizenship and successful completion of a CGI background check are required prior to beginning work. In addition, candidates must have the ability to obtain and maintain a DHS EOD/Public Trust clearance.
• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
• 2+ years of hands-on experience in network security engineering/architecture, including firewalls, routers, switches, load balancers, and sensors.
• 1+ years of experience configuring Zscaler.
• Proficient in configuring and managing Zscaler products, including ZIA and ZPA. Experience with network protocols, LAN/WAN configurations, and cloud platforms such as Azure.
• Strong understanding of Zero Trust architecture principles and experience with security tools like Secure Web Gateway (SWG), CASB, DLP, etc.
• Strong knowledge of SASE, cloud networking, ZTNA, SD-WAN, and VPN alternatives, with hands-on configuration of DLP, SSL inspection, URL filtering, sandboxing, and SaaS security.
• Proficiency in automation tools such as Terraform, Ansible, or Python for infrastructure-as-code and reusable Prisma configurations.
• Excellent communication and collaboration skills for working with cross-functional teams, stakeholders, and vendors. Ability to convey technical information clearly to non-technical stakeholders.

Nice To Haves

• Experience working within a SAFe Agile framework.
• Experience with CISA’s Continuous Diagnostics and Mitigation (CDM) program.
• Understanding of Advanced Network Protection concepts; general understanding and/or experience in Managed Services.
• Relevant certifications such as Zscaler Certified Cloud Professional (ZCCP).
• Certifications in network security (e.g., CISSP, CCNA Security).

Responsibilities

• Design and Implement Security Solutions: Develop and deploy Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions to secure internet traffic and private application access.
• Network Configuration and Management: Configure and manage network security components, including proxies, firewalls, and VPNs, in alignment with Zscaler technologies.
• Policy Migration and Management: Migrate existing security policies from on-premises solutions to cloud-based Zscaler services, ensuring seamless integration with existing IT infrastructure.
• Troubleshooting and Support: Diagnose and resolve complex technical issues related to network security using tools like Wireshark or TCPDump. Provide support for incident response activities.
• Security Monitoring: Implement monitoring solutions to detect and respond to potential security threats. Optimize system performance through regular reviews.
• Collaboration: Work with cross-functional teams, including network engineers, security analysts, and developers, to integrate security solutions into the overall IT infrastructure. Perform work within a SAFe Agile framework.
• Documentation: Develop and maintain documentation, including deployment guides, configuration and installation guides, and architecture diagrams.

Benefits

• Competitive compensation
• Comprehensive insurance options
• Matching contributions through the 401(k) plan and the share purchase plan
• Paid time off for vacation, holidays and sick time
• Paid parental leave
• Learning opportunities and tuition assistance
• Wellness and well-being programs