Zero Trust Security Engineer (ID: 3754)

As an Zero Trust Security Engineer, you will: Lead the engineering and implementation of Zero Trust Architecture (ZTA) solutions across enterprise environments. Drive the deployment, configuration, and optimization of Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA). Own Proof of Concept (POC) activities for new Zero Trust capabilities and validate them in development environments. Engineer migration strategies from legacy VPN and Proxy technologies to identity-based secure access models. Develop and enhance advanced SSL inspection policies, PAC file logic, and API-driven automation workflows Collaborate with Identity, Cloud, Network, and Security teams to integrate authentication and connectivity frameworks. Provide operational readiness support by delivering validated configurations and troubleshooting documentation. Ensure Zero Trust principles such as least-privileged access, segmentation, and application cloaking are effectively implemented. Support continuous product and infrastructure improvements to strengthen enterprise security posture. Contribute to automation initiatives using APIs and scripting technologies such as Python. What You Bring to the Table: 6+ years of experience in Network Security, Cloud Security, or Zero Trust Security Engineering. Strong expertise in Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) implementation and administration. Deep understanding of Zero Trust Network Access (ZTNA) principles and identity-centric security models. Hands-on experience integrating identity providers such as Okta and Azure AD using SAML, SCIM, and OIDC. Strong background in traditional Proxy and VPN technologies including IPSec and SSL VPN. Experience working with enterprise security infrastructure such as Cisco Firepower, Cisco ISE, or Fortinet solutions. Familiarity with SSL inspection, policy enforcement, secure web gateways, and secure access architectures. Knowledge of network automation, API integrations, and scripting using Python or similar technologies. Experience supporting large-scale enterprise migrations from legacy security environments. Relevant certifications such as Zscaler Certified Cloud Professional (ZCCP) are preferred. You should possess the ability to: Design and implement scalable Zero Trust security architectures. Troubleshoot complex Zscaler, VPN, Proxy, and identity integration issues. Conduct technical evaluations and POC testing for new security capabilities. Optimize security policies while balancing user experience and operational efficiency. Collaborate effectively with cross-functional technical and operational teams. Automate repetitive engineering and operational tasks using APIs and scripting. Analyze network traffic, authentication flows, and security events to identify risks. Support enterprise-wide migrations with minimal disruption to business operations. Create operational documentation, troubleshooting guides, and deployment standards. Adapt quickly to evolving cloud security technologies and enterprise security requirements. What we bring to the table: Opportunity to work on large-scale enterprise Zero Trust transformation initiatives. Exposure to advanced cloud security, identity security, and secure access technologies. A collaborative environment involving Security, Cloud, Identity, and Network engineering teams. Opportunities to drive modernization initiatives by replacing legacy security infrastructures. Hands-on involvement with enterprise-grade Zscaler implementations and integrations. Continuous learning opportunities in Zero Trust, automation, and cloud-native security technologies. Challenging engineering projects focused on security optimization and operational excellence. Let’s Connect Want to discuss this opportunity in more detail? Feel free to reach out. Recruiter: Aswin Dhanvandhar Phone: +31 20 369 0609 ; Extn :141 Email: aswin.d@stafide.nl LinkedIn: https://www.linkedin.com/in/aswin-dhanvandhar/