Key skills
IAMCommunicationCollaborationNetwork SecurityZero Trust
About this role
Brooksource is seeking a Network Engineer specializing in Zero Trust and Zscaler to support the Commonwealth's secure network access strategy. The role involves designing, deploying, and maintaining network access solutions, while collaborating with various internal teams to ensure security and compliance.
Responsibilities:
- Design, implement, and support secure network connectivity leveraging Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and Zscaler Digital Experience (ZDX) as part of the Commonwealth’s Zero Trust architecture
- Engineer and maintain network access controls, segmentation strategies, and traffic routing policies to securely enable access to internal and external applications
- Collaborate with internal teams—including Network Engineering, Identity and Access Management (IAM), Security Operations, and Compliance —to ensure network access policies align with enterprise architecture and Zero Trust principles
- Integrate Zscaler services with the existing enterprise network infrastructure , including routing, DNS, proxy services, and secure application access
- Analyze legacy network architectures and translate them into modern, scalable network access models within the Zscaler platform
- Configure and maintain SSL/TLS inspection, network traffic forwarding, secure tunnels, and application segmentation policies
- Support rollout and operational stability of Zscaler deployments by applying network engineering best practices for performance, reliability, and scalability
- Troubleshoot network connectivity, access issues, and performance problems affecting user access to applications and services
- Provide engineering support across multiple agencies and business units to ensure reliable network access to mission-critical systems
- Develop and maintain network diagrams, configuration documentation, implementation procedures, and operational runbooks
- Coordinate with external vendors and internal stakeholders to support integration, upgrades, and ongoing network improvements
Requirements:
- Strong background in enterprise networking and network security engineering
- Experience designing and supporting secure access solutions, including Zero Trust architectures and platforms such as Zscaler
- Solid understanding of network protocols and infrastructure, including routing, DNS, TCP/IP, VPNs, proxy services, and secure traffic inspection
- Experience implementing network segmentation, access controls, and secure connectivity across distributed environments
- Ability to analyze complex and legacy network environments and translate them into modern, scalable network architectures
- Experience supporting large-scale enterprise or government network environments with compliance and regulatory requirements
- Strong troubleshooting, documentation, communication, and cross-team collaboration skills