Zero Trust Security Analyst / Security Analyst

Dice is the leading career destination for tech experts at every stage of their careers. Our client, Smksoft, is seeking the following. Apply via Dice today!Job DescriptionThe Zero Trust Security Analyst is responsible for analyzing existing network, identity, and access configurations to determine what can be reused, refined, or newly created to support Zero Trust security policies. This role focuses on investigation, discovery, assessment, and design input rather than direct rule implementation.The analyst partners closely with Zero Trust Engineers, application owners, IAM teams, and network/security teams to ensure Zero Trust policies are aligned with the current enterprise environment while minimizing duplication, reducing overly permissive access, and supporting least-privilege security principles.Key ResponsibilitiesDiscovery & AnalysisAnalyze existing network security rules, firewall policies, address groups, and user/group-based access controls to determine applicability and reuse within a Zero Trust framework.Review identity sources such as Active Directory (AD), Microsoft Entra ID, Identity Governance & Administration (IGA), and RBAC structures to identify reusable groupings and role models.Assess application access patterns including:Web applicationsAdministrative consolesDatabasesAPIsInternal servicesIdentify required network paths, dependencies, and trust boundaries.Detect gaps, overlaps, legacy dependencies, and overly permissive controls that require remediation to align with Zero Trust principles.Zero Trust Readiness AssessmentEvaluate whether existing firewall rules, address objects, and identity groups can be leveraged or must be redesigned for Zero Trust enforcement.Define required new security objects, including:User groupsAddress groupsApplication definitionsMetadata dependenciesSupport application onboarding initiatives by validating that proposed Zero Trust controls enforce least-privilege access requirements.Documentation & HandoffProduce detailed analysis artifacts documenting:Existing configurations and controlsReusable security objects and policiesRequired new configurations and dependenciesProvide structured implementation inputs and onboarding documentation to Zero Trust Engineering and firewall administration teams.Maintain traceability between:ApplicationsSecurity objectsIdentity groupsZero Trust policiesSupport audit, compliance, and governance requirements through accurate documentation and evidence tracking.Required Skills & ExperienceStrong understanding of network security fundamentals including:FirewallsSecurity zonesLayer 4 / Layer 7 security policiesExperience analyzing enterprise firewall rule bases such as:Palo Alto NetworksSimilar enterprise firewall platformsFamiliarity with identity and access management concepts including:Active Directory (AD)Microsoft Entra IDRBAC modelsIdentity-based policy enforcementAbility to interpret complex security configurations and translate findings into actionable Zero Trust requirements.Strong analytical, documentation, and communication skills.Preferred QualificationsExperience with Zero Trust Network Access (ZTNA) solutions and user-based firewall policies.Exposure to IAM, IGA, and identity governance platforms.Familiarity with:CMDB environmentsApplication/service onboarding workflowsApplication identifiers and metadata mappingPrior experience supporting:Security assessmentsCompliance reviewsAudit readiness initiativesSuccess MetricsSuccessful candidates in this role will demonstrate:Accurate upfront analysis resulting in minimal engineering rework.Effective reuse of existing security controls where appropriate.Clear, actionable, and least-privilege Zero Trust requirements delivered to engineering teams.Strong traceability and documentation supporting compliance and operational efficiency.Improved alignment between identity, network, and application security controls within the Zero Trust model.