Sr. Network Security Architect Zscaler - Remote

Job Title: Sr. Network Security Architect - Zscaler- Remote - Duration: 6 Months CTHLocation: remoteThe client needs someone who is comfortable with... making decisions and backing it up with solid points if we disagree. This role requires a: Security-focused Network Architect with deep Zscaler expertise, strong Zero Trust experience, and the ability to independently design and troubleshoot complex environments. 1) Zscaler Expertise (Mandatory) This is the most critical requirement. Strong hands-on experience with Zscaler platforms: ZIA (Internet Access) ZPA (Private Access) ZDX (Digital Experience) Experience configuring policies, SSL inspection, and application access Experience deploying and managing ZPA App Connectors Recruiter takeaway: If the candidate does not have deep, hands-on Zscaler experience, they are not a fit. 2) Zero Trust Architecture Experience designing and implementing Zero Trust Architecture Understanding of identity-based access vs traditional perimeter security Experience aligning security architecture with enterprise strategy Recruiter takeaway: Look for candidates who have designed or led Zero Trust initiatives—not just supported them. 3) Network Security + Networking Fundamentals Strong understanding of: IPSec and GRE tunnels DNS architecture Secure Web Gateways Routing and network protocols Ability to troubleshoot at both network and security layers Recruiter takeaway: Candidate must be strong in both networking and security. One without the other will not be sufficient. 4) Cloud Security and Identity Integration Experience integrating with identity platforms such as: Microsoft Azure AD CyberArk Understanding of secure access in cloud and hybrid environments Recruiter takeaway: Look for candidates who understand how identity ties into network security (especially in Zscaler/ZPA environments). 5) Advanced Troubleshooting (Critical Differentiator) Ability to troubleshoot complex, non-standard, and legacy environments Strong experience with log analysis and traffic inspection Comfortable working through ambiguous or undefined issues independently Recruiter takeaway: This role requires someone who can operate without heavy direction. Candidates should demonstrate ownership of complex problem-solving. 6) Security-First Mindset Background in penetration testing, red teaming, or offensive security is a strong plus Ability to think from an attacker’s perspective when designing defenses Recruiter takeaway: Prioritize candidates who approach architecture from a security-first standpoint, not just infrastructure. 7) Architecture and Leadership Experience Experience designing scalable security solutions Ability to collaborate across security, network, and IAM teams Strong documentation and communication skills Recruiter takeaway: This is an architect-level role. Candidates should demonstrate ownership of design, not just implementation. Quick Screening Checklist Use this to qualify candidates quickly: Hands-on experience with Zscaler (ZIA, ZPA, ZDX) Experience designing or implementing Zero Trust Architecture Strong networking fundamentals (IPSec, DNS, routing) Experience troubleshooting complex or legacy environments independently Exposure to identity integrations (Azure AD, CyberArk) Common Red Flags Only “exposure” to Zscaler without hands-on implementation Strong firewall/network background but limited security architecture experience No experience with Zero Trust concepts or implementations Candidates who rely on structured environments and lack experience handling ambiguity IMPORTANT SOFT SKILLS: Operates independently, thinks like a security architect, communicates clearly, and can navigate complex, ambiguous environments without relying on structure. DAY IN THE LIFE: This is a hands-on security architect role, not a passive design position. The day is a mix of: Designing and implementing solutions in Zscaler Troubleshooting complex network/security issues Collaborating with network, security, and IAM teams Driving Zero Trust initiatives forward A hands-on security architect role focused on Zscaler and Zero Trust, where you’ll design, implement, and troubleshoot complex network security solutions while working across teams in a dynamic, often non-standard environment. Zscaler Certifications: ZCP, ZDTA, ZDTE, ZDXA (or equivalent) Experience with additional security platforms such as Palo Alto and Cisco Strong written and verbal communication skills with the ability to document architecture and processes clearly Offensive Security Background Exposure to: Penetration testing Red teaming Vulnerability assessments Recruiter takeaway: Candidates with this background tend to design more resilient, threat-aware architectures. Zscaler (ZIA/ZPA/ZDX) + network security technologies (VPN, DNS, SWG) + identity platforms (Azure AD, CyberArk) + logging/troubleshooting tools Nice-to-Have Skillsets 1) Zscaler Certifications Certifications such as: ZCP, ZDTA, ZDTE, ZDXA Recruiter takeaway: Helpful for validating expertise, but should not outweigh real-world, hands-on Zscaler experience. 8–12+ years total experience At least 3–5+ years in security-focused roles Demonstrated architect-level ownership (not just engineer tasks) Strong exposure to Zero Trust and modern security frameworks *experience weighs more than certifications This is a hands-on security architect role where you’ll lead Zscaler and Zero Trust initiatives, work on complex real-world environments, and have full ownership over design and implementation—without being stuck in day-to-day operational noise. This is a lead role This role is centered around: Expanding and optimizing Zscaler Driving Zero Trust adoption Modernizing legacy infrastructure Improving secure connectivity and identity-driven access These are high-impact, ongoing initiatives, not one-off projects—ideal for candidates who want ownership and long-term influence. Thank you,Shiva Mittal