Zscaler Security Engineer – ZIA & ZPA
Remote
Job Summary
Seasoned Zscaler Security Engineer to lead and execute ZIA and ZPA deployments across complex enterprise environments. Responsibilities include configuring and optimizing ZIA policies (URL filtering, SSL inspection, cloud firewall rules, and DLP), designing and deploying ZPA application segments and access policies, and integrating Zscaler with identity providers (e.g., Okta, Azure AD) and SIEM/SOAR platforms. Will troubleshoot connectivity and performance issues, develop and maintain technical documentation (architecture diagrams, runbooks, SOPs), and collaborate with network, infrastructure, and security teams to align with security posture. Strong preference for experience migrating Zscaler from IT-managed to Security Engineering-owned environments, deep platform knowledge, and relevant certifications. Must be able to work independently in active deployment phases and communicate effectively with cross-functional teams.
Required Qualifications
- Minimum 10 completed enterprise deployments of Zscaler ZIA and ZPA
- Deep hands-on knowledge of Zscaler platform architecture, including policy configuration, tenant management, and troubleshooting
- Experience migrating Zscaler from IT-managed to Security Engineering-owned environments is strongly preferred
- Proficiency in integrating Zscaler with enterprise identity providers and security tooling
- Solid understanding of network security concepts: DNS, HTTP/S, proxy architectures, SSL/TLS inspection
- Zscaler certifications (ZCCA-IA, ZCCA-PA, or equivalent) are a strong plus
- Strong analytical and problem-solving skills with ability to work independently in active implementation phases
- Effective communicator capable of liaising between security engineering, IT, and leadership teams
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.