Senior Network Engineer with Zscaler(NEED ONLY US CITIZENS

Title: Senior Network Engineer with ZscalerLocation: Pleasanton,CA(Hybrid (50% in-office at Pleasanton HQ / 50% remote))Job Type: ContractMust have skills● 5+ years in enterprise network engineering (routing, switching, VPN/SD WAN, TCP/IP, DNS, HTTP/S). ● Strong hands on experience with Zscaler ZIA and ZPA in production (design, rollout, support, troubleshooting). ● Current Zscaler certification (Associate/Professional/Architect or equivalent). ● Proven integration experience with Palo Alto firewalls , Cisco network infrastructure , and Okta for identity/SSO and group-based policy. ● Strong troubleshooting skills across end to end flows (client, Cisco network, Palo Alto, Zscaler, app), including logs and packet captures. ● Experience mentoring junior/peer engineers and working closely with a Principal/Lead engineer. ● Excellent communication skills for partnering with internal project teams and taking intake for new Zscaler-related projects . Nice to have ● Scripting/automation (Python, Ansible, Terraform or similar) for network/security workflows. ● Experience in hybrid/multi cloud and/or regulated, security sensitive environmentsRole Summary We are seeking a Senior Zscaler Network Engineer (Contractor) to enhance our current Zscaler rollout capacity and strengthen day-to-day operational support. This role will focus on Zscaler Internet Access (ZIA) , Zscaler Private Access (ZPA) , and their integration with Palo Alto firewalls , Cisco networking , and Okta . The engineer will work closely with an existing Principal Network Engineer (FTE) and the broader network/security teams to: ● Scale and optimize our ZIA and ZPA deployments ● Troubleshoot complex, day-to-day Zscaler and network issues ● Own technical intake and assessment for new Zscaler-related projects from internal organizations ● Mentor and upskill other team members on Zscaler and related network and identity technologies The ideal candidate is Zscaler-certified , highly hands-on, and comfortable in a fast-paced enterprise environment. The position is hybrid , with approximately half of the time spent onsite at our Pleasanton, CA HQ and half working remotely. Key Responsibilities Zscaler Rollout & Implementation (ZIA / ZPA) ● Execute and enhance the rollout of ZIA and ZPA for users, sites, and applications in partnership with the Principal Network Engineer (FTE). ● Implement and refine Zscaler policies, traffic forwarding methods (including PAC files, GRE/IPsec tunnels, and Zscaler Client Connector), and configurations to support new locations, user groups, and applications. ● Contribute to implementation plans, change requests, and repeatable runbooks to ensure consistent, high-quality deployments. Integration with Palo Alto, Cisco, and Okta ● Integrate and optimize Zscaler with Palo Alto firewalls and Cisco network infrastructure (routing, switching, SD-WAN/VPN) for secure internet egress and private access.● Implement and maintain Okta integration for authentication, SSO, and user/group-based policy enforcement in Zscaler. ● Work with security and identity teams to align policies across Zscaler, Palo Alto, Cisco, and Okta. Day-to-Day Operations & Troubleshooting ● Serve as a senior escalation point for Zscaler-related incidents and requests. ● Perform detailed troubleshooting across endpoints, Cisco network paths, Palo Alto firewalls, Zscaler (ZIA/ZPA), and applications to resolve connectivity, performance, and policy issues. ● Collaborate with internal teams and vendors to drive issues to root cause and permanent remediation. ● Improve monitoring, logging, and alerting for ZIA and ZPA, leveraging existing tools and SIEM integrations.Project Intake & Delivery ● Act as a technical contact for new project intake where Zscaler is a dependency (e.g., onboarding new applications to ZPA, new sites or user groups to ZIA, or new security requirements). ● Assess requirements from internal teams, identify Zscaler, Palo Alto, Cisco, and Okta impacts, and propose appropriate technical designs and implementation approaches. ● Provide effort estimates, dependencies, and clear technical tasks to support project planning and execution. Mentoring & Team Enablement ● Mentor and coach other network and security engineers on ZIA, ZPA, Palo Alto, Cisco, and Okta integrations. ● Share best practices through documentation, knowledge-transfer sessions, and active participation in design and review discussions. ● Help standardize operational procedures, troubleshooting playbooks, and checklists for the broader team. Documentation & Standards ● Maintain and improve technical documentation for Zscaler deployments, policies, integrations, and operational workflows. ● Contribute to standards for Zscaler configuration, change management, and overall security posture across Zscaler, Palo Alto, Cisco, and Okta. Required Qualifications● 5+ years of experience in network engineering in medium-to-large enterprise environments. ● Strong, hands-on experience deploying and supporting Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) in production. ● Current Zscaler certification (e.g., Zscaler Certified Associate / Professional / Architect or equivalent). ● Practical experience integrating Zscaler with: ○ Palo Alto firewalls ○ Cisco networking (routing, switching, VPN/SD-WAN) ○ Okta for identity, SSO, and group-based access ● Solid understanding of: ○ TCP/IP, DNS, HTTP/HTTPS, SSL/TLS ○ Routing, switching, VPNs, and SD-WAN ○ Zero Trust Network Access (ZTNA) principles and secure remote access patterns ● Proven ability to troubleshoot complex network and security issues using logs, packet captures, and systematic analysis across multiple platforms (Zscaler, Palo Alto, Cisco, Okta). ● Strong communication skills, with the ability to interact effectively with engineers, project managers, and non-technical stakeholders. ● Demonstrated experience mentoring or supporting less-experienced engineers. Preferred Qualifications ● Experience working alongside Principal/Lead Network Engineers or Architects on large-scale network/security rollouts. ● Familiarity with automation and scripting (e.g., Python, Terraform, Ansible or similar) to support network and security operations. ● Experience in hybrid or multi-cloud environments and remote-first user populations. ● Background in regulated or security-sensitive industries.ThanksAatmesh