Zero Trust Security Engineer

Located in Vienna, VA, 3x/week on-site ***Non-local candidates will not be considered***About This RoleThe Zero Trust Security Engineer is responsible for driving the implementation of Zero Trust security rules, including formal requests to firewall teams, ongoing coordination, validation of changes, and post-implementation verification. This role is execution-focused and serves as the single point of accountability for ensuring Zero Trust rules are implemented correctly, completely, and auditably across firewall and security platforms.Key ResponsibilitiesRule Implementation & CoordinationTranslate Zero Trust analysis outputs into formal firewall and security rule requestsSubmit detailed implementation requests to firewall teams, including:Source identities (users, groups, roles)Destination applications, addresses, and servicesRequired ports, protocols, and application IDsEnsure requests meet firewall team standards and contain all required technical detailsCross-Team ExecutionAct as the primary liaison between Zero Trust, IAM, firewall engineering, and application teamsTrack firewall requests from submission through completionResolve implementation questions, clarifications, or discrepancies with firewall engineersValidation & VerificationValidate that implemented firewall rules exactly match approved Zero Trust requirementsPerform post-implementation testing to confirm:Authorized access works as expectedUnauthorized access is blockedIdentify and remediate misconfigurations, partial implementations, or policy driftAudit & Lifecycle ManagementEnsure all implemented rules are properly tagged, documented, and traceable to application and Zero Trust requirementsMaintain implementation records for audit, compliance, and reportingSupport ongoing refinement of Zero Trust rules as application access requirements evolveRequired Skills & ExperienceHands-on experience working with enterprise firewalls (Palo Alto preferred)Strong understanding of user-based and application-aware firewall policiesExperience submitting and managing firewall rule requests in enterprise environmentsAbility to validate security rule implementations and troubleshoot access issuesStrong coordination and communication skills across technical teamsPreferred QualificationsExperience implementing Zero Trust Network Access (ZTNA) solutionsFamiliarity with IAM, Entra ID groups, AD groups, and RBAC modelsExperience integrating firewall rules with application onboarding frameworksKnowledge of audit, compliance, and security reporting requirementsSuccess Looks LikeFirewall rules are requested properly and implemented right the first timeClean handoffs with minimal back and forthVerified, auditable Zero Trust enforcement across applicationsWe are an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, or any other protected characteristic under federal, state, or local laws.We are committed to employing only candidates who are legally authorized to work in the United States. For compliance with the Immigration Reform and Control Act of 1986, all new employees must complete the Employment Eligibility Verification Form I-9 and provide documentation establishing identity and authorization to work. E-Verify will be used for employment verification as part of the onboarding process.We value integrity throughout our hiring process. Candidates will be asked to provide documentation confirming employment history, education, and work authorization.