Key skills
Zscaler Private Access (ZPA)Zero Trust Network Access (ZTNA)Azure ADOktaSingle Sign-On (SSO)DNSVPNFirewallsRoutingHIPAAPCI-DSSNISTZscaler Internet Access (ZIA)Security Information and Event Management (SIEM)Endpoint ProtectionVulnerability ScannersPowerShellPythonZscaler Certified Professional – ZPACISSPCISMAnalyticsAzureIAMSSOMentoringCommunicationZero Trust
About this role
Envision is a leading national medical group focused on delivering high-quality care to patients when and where they need it most. The Cybersecurity Engineer – Zscaler is responsible for the design, implementation, and ongoing management of secure remote access solutions using Zscaler Private Access, collaborating with cross-functional teams to define access policies and optimize performance.
Responsibilities:
- Designs, deploys, and leads the implementation of Zscaler Private Access (ZPA) solutions, ensuring alignment with enterprise security frameworks and Zero Trust principles
- Develops and maintains ZPA policies, including segmentation and access control rules to enforce least-privilege access
- Leads troubleshooting and incident response efforts related to ZPA infrastructure, identifying root causes and implementing solutions
- Collaborates with global IT, network, application, and security teams to integrate ZPA with legacy and modern systems across hybrid environments
- Monitors, analyzes, and optimizes ZPA performance and security posture, using logs and analytics to identify risks and drive continuous improvement
- Provides advanced technical guidance, training, and mentoring to internal team members
- Maintains and continuously improves documentation related to ZPA architecture, configurations, policies, and operational procedures
- Stays current of emerging threats, Zscaler platform updates, and industry best practices, and proactively implement enhancements to ensure robust cybersecurity defenses
- Supports compliance and audit initiatives, providing advanced knowledge on secure access controls and remote connectivity
- Supports broader cybersecurity initiatives, including integration with SIEM, IAM, and endpoint protection platforms
Requirements:
- Proven experience managing Zscaler, specifically Zscaler Private Access (ZPA) in a large enterprise environment
- Strong understanding of Zero Trust Network Access (ZTNA) concepts and architecture
- Experience with identity providers (e.g., Azure AD, Okta) and SSO integrations
- Familiarity with networking concepts including DNS, VPN, firewalls, and routing
- Ability to work independently and collaboratively in a fast-paced environment
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
- Bachelor's degree in computer science, Cybersecurity, or related field, or equivalent experience required
- 4 years of experience in cybersecurity or network engineering roles; including 1-year hands-on experience with Zscaler Private Access (ZPA) required
- Experience with regulatory standards such as HIPAA, PCI-DSS, NIST
- Proficiency with Zscaler ZPA and ZIA platforms
- Familiarity with security tools such as SIEM, endpoint protection, and vulnerability scanners
- Healthcare Cybersecurity experience a plus
- Experience with scripting or automation tools (e.g., PowerShell, Python) is a plus
- Zscaler Certified Professional – ZPA preferred
- CISSP, CISM, or other relevant security certifications are a plus