Zscaler Enterprise Architect

 Posted 2 hours ago
     
10+ years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

Define and deliver enterprise-wide network security architecture, focusing on firewalls, web security proxies, and zero-trust solutions across cloud and data centers. Lead complex migrations, establish security governance, and optimize operational processes through automation and Infrastructure as Code.

GovCIO is seeking an experienced Zscaler Enterprise Architect to define and deliver enterprise-wide firewall, web security proxy, and secure network architecture solutions across data centers, cloud, and distributed field locations. The Architect will set strategy, design scalable and highly available security platforms, lead complex implementations and migrations, and drive governance, automation, and continuous improvement of network security controls. This position will be within United States and will be fully remote.


Responsibilities

  • Define enterprise network security architecture and roadmap for next-generation firewalls, web security proxies, VPNs, and related controls across data centers, cloud, and branch/remote sites. 
  • Lead design and implementation of Palo Alto Networks NGFW solutions at scale, including architecture patterns for segmentation, security policies, NAT, VPNs (IPsec/SSL), threat prevention, URL filtering, TLS/SSL decryption, and high-availability/clustering. 
  • Architect and validate network designs for Cisco routing and switching across LAN/WAN, ensuring performance, resilience, and security for high-throughput environments. 
  • Own architecture and deployment strategies for web security platforms (McAfee Web Gateway / Web Security Proxy) and cloud-based secure web gateways (e.g., Zscaler), including policy models, threat protection, content inspection, and telemetry integration. 
  • Integrate network security solutions with enterprise identity and authentication services (Active Directory, LDAP, RADIUS, TACACS+, 802.1X), enabling centralized policy enforcement and role-based access controls. 
  • Define secure network segmentation, micro-segmentation, and zero-trust network access strategies; produce reference architectures, design patterns, and configuration baselines. 
  • Drive cross-functional security initiatives: large-scale firewall and proxy migrations, datacenter-to-cloud transition, SD-WAN and SASE adoption, and consolidation of security tooling. 
  • Establish governance: security policy lifecycle, rulebase rationalization, change control, risk assessments, and exception processes. 
  • Design and implement logging, telemetry, and monitoring architectures to surface threats, performance issues, and policy violations; integrate with SIEM, SOAR, and observability platforms. 
  • Lead incident response for network security events, conduct root-cause analysis, and define remediation and preventative controls. 
  • Optimize operational processes via automation and IaC (Ansible, Terraform, scripts) for deployment, configuration management, and compliance validation. 
  • Provide technical leadership, mentor engineers, coordinate vendor engagements, and influence executive stakeholders on strategy, budgets, and roadmap. 
  • Ensure architectures meet regulatory, compliance, and audit requirements; produce documentation, diagrams, and security design reviews. 

 


Qualifications

Bachelor’s degree in Computer Science, Information Technology, Engineering, or equivalent experience with 15+ years (or commensurate experience) 

 

Required Skills and Experience 

 

  • 10+ years of progressive networking and security experience, including 5+ years in architecture/lead roles. 
  • Deep, demonstrable expertise with Palo Alto Networks NGFW architecture and deployment at enterprise scale. 
  • Extensive experience with Cisco routing and switching design across enterprise LAN/WAN and data center environments. 
  • Strong experience designing and deploying McAfee Web Gateway/Web Security Proxy and cloud secure web gateway solutions (e.g., Zscaler). 
  • In-depth knowledge of TCP/IP, routing protocols, switching, VLANs, VRFs, ACLs, NAT, QoS, DNS/DHCP/NTP. 
  • Expertise in VPN technologies (IPsec, SSL/TLS), secure remote access, and zero-trust network architectures. 
  • Hands-on experience integrating security platforms with AD/LDAP, RADIUS/TACACS+, and 802.1X. 
  • Proven ability with automation and Infrastructure as Code (Ansible, Terraform, Python scripting) for network/security operations. 
  • Experience with logging / telemetry integration, SIEM, threat detection, and incident response processes. 
  • Strong documentation, architecture modeling, and stakeholder communication skills. 

 

Clearance Required: Must be able to attain and maintain an AOUSC Public Trust 

 
Preferred Skills and Experience 

  • Master’s preferred 
  • Relevant certifications: Palo Alto (PCNSE/PCNSA), Cisco (CCNP/CCIE), CISSP, SANS/GIAC. 
  • Experience with SD-WAN, SASE, cloud networking (AWS, Azure), and micro-segmentation technologies. 
  • Prior experience leading large-scale migrations, global rollouts, or managed security 

Posted Salary Range

USD $160,000.00 - USD $180,000.00 /Yr.

Similar Jobs

See all Remote Software Development jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Architect

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified