Details
Job Description
Job Summary
We are looking for a highly motivated and detail-oriented Zscaler Security Engineer to support and manage enterprise-level cloud security services. This role will focus on managing Zscaler's core platforms - ZIA, ZPA, ZDX - and ensure the Client Connector is correctly configured, deployed, and updated. The ideal candidate will have a strong background in cloud security, network security, and user experience optimization.
Key Responsibilities
- Zscaler Internet Access (ZIA):
- Configure and maintain web filtering, SSL inspection, firewall rules, and DLP policies.
- Manage authentication and user access using SAML, SCIM, and IdP integrations.
- Monitor logs, policy hits, and troubleshoot access issues using ZIA logs and analytics.
Zscaler Private Access (ZPA)
- Deploy and maintain App Connectors, Segment Groups, and Application Segments.
- Build and enforce least-privilege access controls for private applications.
- Integrate with identity providers and configure SCIM-based provisioning.
- Perform deep-dive diagnostics on internal application access issues.
Zscaler Digital Experience (ZDX)
- Monitor application performance, endpoint health, and network latency.
- Correlate end-user experience data with network and application behavior.
- Create custom dashboards and reports to track SLA and availability.
Zscaler Client Connector (ZCC)
- Manage lifecycle of Client Connector including packaging, deployment, upgrades.
- Configure location awareness, App profile, forwarding profiles, and authentication settings.
- Troubleshoot client connectivity, forwarding failures, and tunneling issues.
- Ensure policies are consistently applied across distributed endpoints.
Additional Responsibilities
- Perform routine health checks and Zscaler platform version audits.
- Engage with Zscaler TAC and support for advanced troubleshooting.
- Maintain compliance with internal policies and external regulatory frameworks.
- Participate in global rollout and migration projects (e.g., PAC to ZCC, CentOS to RHEL9 for App Connectors).
- Lead pilot testing and phased deployments for new Zscaler features or versions.
- Monitor certificate renewals, provisioning key rotation, and access group hygiene.
Job Requirements
Essential Skills & Qualifications
- Bachelor's degree or higher in Computer Science, Information Technology, Cybersecurity, or a related discipline
- Solid understanding of the SOC environment
- Strong quantitative, analytical, data-driven intuition, and problem-solving abilities
- Extensive knowledge of ZIA, ZPA, ZDX, and ZCC platforms
- Proficient in troubleshooting HTTP/HTTPS, VPN, DNS, GRE/IPSec tunnels, SAML, and SCIM
- Familiarity with PAC file logic and traffic forwarding methods
- Experience with Identity Providers (IdPs) such as Okta, Azure AD, or PingFederate
- Strong scripting or automation skills (e.g., PowerShell, Python, or Terraform) are a plus
- Experience in a global team setting is preferred
- Ability to work both collaboratively and independently is essential
- Should be open to rotational shifts
