Principal Network Engineer

Principal Network Engineer
Location: Phoenix, AZ - Hybrid, 3 days/week onsite
Visa : GC
Rate: DOE
Term: 6-12 months

Job Description
The Principal Network Security Architect is an individual contributor supporting the architecture of network security technologies, network cyber defense, security engineering tools with Zscaler, threat monitoring and network security management in the organization Cybersecurity Services. This role leads the network cybersecurity architecture, blueprinting, design, technical discussions, among cybersecurity, networking, and infrastructure teams. Deep technical cybersecurity architecture and design with specific focus across multi-cloud and on-prem is required. Prior experience is required with architecting and designing Zscaler products including Zero TRUST, Cyberthreat Protection with ZIA and ZPA, ZTF, DLP, DNS, and GenAI and Prompt Monitoring.

You will be responsible for deep cybersecurity research, cybersecurity blueprint infrastructure standards, architecting cybersecurity automation ideas and automation packs, innovating, developing, and managing groundbreaking architecture designs with Zscaler capabilities to secure the network on-prem, SaaS, and IaaS infrastructures. You have in-depth experience in managing and architecting network security with prior experience in Zscaler products to build, secure, and monitor the infrastructure and the eco systems both on-prem and in cloud. This role requires deep expertise in the architecture of cybersecurity and network infrastructure.

What You ll Get to Do:
Design, implement, and optimize Zscaler cloud security solutions (e.g., Zscaler Internet Access, Zscaler Private Access, Zscaler Cloud Security Posture Management) to ensure seamless security across all cloud and on-premises environments.
Stay updated with the latest Zscaler features, best practices, and security threats to continuously architect and enhance the organization's security posture.
Design and architect documentation of network security, security infrastructure, cloud security stack, and on-prem security refreshes.
Architect, develop, enforce, and maintain network security architectures, standards, and procedures to ensure the integrity and confidentiality of data.
Collaborate with network teams to design and implement secure network segmentation, access controls, and other security measures.
Maintain close ties with various stakeholders, developers, and engineers across the company, ensuring the services we create meet their needs as products evolve.
Architect, design, and document blueprints with Zscaler and other security tools for threat detection, analysis, and response.
Participate in incident response activities, providing expert analysis and mitigation strategies for security incidents.
Ensure all network security configurations and practices comply with relevant regulatory requirements (e.g., NIST, NYSDFS, FFIEC, GDPR).
Collaborate with the compliance team to conduct regular security audits and risk assessments.
Provide technical training and support to junior engineers and other stakeholders on Zscaler solutions and network security best practices.
Contribute to the development of the Information Security team's strategic plans and roadmaps.
Engage in ongoing learning to stay current with emerging threats, technologies, and methodologies in network security and Zscaler solutions.
Identify areas for process improvement and propose innovative solutions to enhance the organization's security posture.
Architect and Design SOAR & Automation: Identify and implement automation of repetitive tasks. Security Orchestration, Automation and Response.
Architect changes to Zscaler network security upgrades, troubleshooting, and deployment for both on-prem and in the cloud.
Communicate extensively with Data Protection Product and engineering teams across the organization.
Engineer, build, and maintain infrastructure to meet the organization s requirements and ensure high availability.
Drive complex technical initiatives and workshops to fully delivery leveraging knowledge of Cyber security practices, security architecture, and best practices.

What You ll Bring with You:
15 years of hands-on experience in network security, infrastructure security, cloud security, edge security, network data security, and other networking cybersecurity-related controls and technologies including DNS, F.W, and Zero TRUST.
Proven experience with Zscaler products (ZIA, ZPA, CSPM) and their implementation in enterprise environments.
Experience with security architecture frameworks, compliance, and risk management including Zscaler architecture and design for both cloud and on-prem.
Ability to identify security risks and weaknesses and provide security mitigation and remediation recommendations through solid architecture design and blueprinting
Prior experience with architecting complex network security tools including Zscaler cloud security solutions, including Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA).
Ability to foster collaborative, open, working relationships with technology groups and other stakeholders, including vendor relationships.
Proficiency in architecting and design of defense-in-depth with network security capabilities in the areas of monitoring, detection, protection, prevention and the concept of cyber defense network engineering.
Experience in designing and architecting multiple high-visibility and high-impact enterprise cybersecurity networking projects across large global enterprises.
Strong understanding of Zscaler Zero TRUST and Zscaler Network Security principles.
Expertise in architecting, design, automation, building security stacks, and monitoring network security components like Encryption, DNS Security, Network DLP, Zero TRUST, F.W, Segmentation, Security Logging, and Cyber Defense with Zscaler and/or other commercial network cybersecurity solutions.
Work closely with stakeholder teams (Compliance, Windows, Linux, Network, Chronicle, Remedy, Asset Management) to develop high value enterprise capabilities/results while reducing noise and false alarms.
Experience with managing Hardware Security Modules (HSMs) and encryption.
Experience with other cloud security solutions, such as Palo Alto Networks or Check Point.
Familiarity with DevOps tools, such as Jenkins or Docker.
Experience with scripting languages, such as Python or PowerShell.
Bachelor s degree in computer science or related field highly preferred.