Security Engineer - Zscaler

The U.S. Cybersecurity and Infrastructure Security (CISA) mission is to lead the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure.  CISA includes the CISA Mission Enabling Offices (MEOs) and six Divisions: the Cybersecurity Division (CSD), the Emergency Communications Division (ECD), the Integrated Operations Division (IOD), Infrastructure Security Division (ISD), the Stakeholder Engagement Division (SED), as well as, the National Risk Management Center (NRMC), which are headquartered within the National Capital Region (NCR).  

CISA’s information technology (IT) landscape has historically produced networks and systems individually managed and maintained within each of its Divisions as well as its MEOs.  This task order is to provide Enterprise Engineering and Operations Support Services (EEOSS) to CISA/OCIO to establish enterprise IT capabilities. These enterprise IT capabilities shall support CISA’s ability to continue establishing a modern IT infrastructure; engaging in various initiatives to evaluate and implement emerging technologies; migrating to the cloud; supporting mobility and collaboration platforms; and continually improving the performance, security, and availability of enterprise IT services.

Working with an enterprise network architecture, engineering, and implementation team supporting our Federal customer, the Security Engineering role will focus on providing Zscaler Engineering support and will be responsible for implementing the ZScaler solutions to manage connections between CISA users and cloud environments, applying IT Security Governance policies to prevent data exposure, ensure compliance across SaaS applications, and drive innovation for management, functionality, and reporting between disparate mission and IT groups.

Primary Responsibilities:

• The Zscaler Engineer is responsible for the engineering, design, test, and implementation of ZScaler internet (TIC) and private access (VPN replacement) solution.
• Support of the development of the Technical Requirements Document and a Detailed Design Document (DDD) for the network architecture, consistent with the associated Functional Requirements Document and DDD, before transitioning to Operations.
• Development and maintenance of monitoring processes and procedures supporting a 24/7/365 Network Operations Center (NOC).
• Support of all updates to all documents when there is change in the network design and/or technologies and collaborating with all stakeholders to test all related systems and application migration processes to verify that the systems meet requirements and can host applications with no degradation to performance or security.
• Preparation of test reports and Implementation Plans for each change impacting the network environment
• Implements the ZScaler solution across an enterprise.
• Implements Data Loss Prevention (DLP) practices and policies.
• Managing user access controls in cloud environments.
• Serves as a Subject Matter Expert in the advanced CASB, DLP, API, SD-WAN, and location implementation and best practices around those implementations.
• Provides internal consulting, technical guidance, information and support to application developers, computer operations, company management and departmental clients. Assists in internal training programs
• Must be able to work with minimal supervision and possess excellent written and verbal communication skills

Bachelors AND 5 years' experience OR 9 years' experience in lieu of a degree.

• Requires hands-on experience in Network Design, Network Engineering, Network Operational Support, and cloud engineering experience of Medium to Large enterprise network environments.
• Experience implementing the ZScaler CASB solution in an enterprise.
• Experience with Zscaler or related Data Loss Prevention (DLP) practices and policies.
• Experience with managing user access controls in cloud environments.
• Experience with ServiceNow, Jira, VMware vCenter, cloud computing concepts
• Experience with cloud reporting with preparation for both internal and executive stakeholders
• Experience migrating from legacy on-prem networking to the cloud networking
• Experience with traditional on-premises proxies
• Experience with cloud-based proxy concepts
• Experience with Cloud Identity and Access Management
• Experience deploying and managing virtual servers on premise and in the cloud
• Experience with concepts and operations of cloud-based on physical load balancers
• Experience with implementing and exporting audit trails
• Experience with cloud-based monitoring solutions
  
  

Must be able to provide proof of U.S. Citizen and be able to obtain a DHS clearance with CISA

Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Clearance Preference:

• DHS EOD - 1st priority
• Any DHS badge + DoD Top Secret or Secret - 2nd choice
• DoD Secret or Top Secret + willingness to get EOD clearance - 3rd choice (it can take 45 days to obtain EOD clearance – work can only begin once the clearance is fully adjudicated)

Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies.  Enable better government. Protect our nation. Build better humans across the country.

Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression.  Please apply directly through the website at: https://careers-sev1tech.icims.com/    #joinSev1tech

For any additional questions or to submit any referrals, please contact: kaleigh.tiano@sev1tech.com

Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.