Contractor

Job Description – Security Analyst (Zero Trust & Zscaler)

Position: Security Analyst – Zero Trust Security
Location: Flexible / Hybrid / Onsite - NYC - NY

• Configure, administer, and maintain Zscaler Private Access (ZPA) environments.
• Design and implement Zero Trust access policies based on user identity, device posture, application sensitivity, and business requirements.
• Profile and analyze user access patterns to ensure least-privilege access and reduce security risks.
• Create, modify, and optimize access control policies for internal applications and services.
• Collaborate with Identity and Access Management (IAM) teams to integrate authentication and authorization controls.
• Monitor ZPA logs, user activities, and security events to identify anomalies and potential threats.
• Troubleshoot user connectivity and access issues within Zscaler environments.
• Conduct periodic reviews of access permissions and recommend policy improvements.
• Support security audits, compliance initiatives, and risk assessments related to access management.
• Develop and maintain documentation for ZPA configurations, policies, and operational procedures.
• Work closely with network, infrastructure, and application teams to onboard applications into the Zero Trust framework.

• Strong experience with Zscaler Private Access (ZPA) administration and policy configuration.
• Good understanding of Zero Trust Architecture (NIST 800-207) principles and implementation.
• Experience profiling users, applications, and access requirements to build secure access policies.
• Knowledge of Identity Providers (IdPs) such as:
• Ping Identity
• ADFS
• Experience with authentication technologies including:
• SAML
• OAuth
• OpenID Connect (OIDC)
• Understanding of networking concepts including DNS, TCP/IP, VPN, SSL/TLS, and application connectivity.
• Experience with security monitoring, log analysis, and incident investigation.
• Familiarity with SIEM platforms such as Splunk, Microsoft Sentinel, or QRadar.

• Experience with additional Zscaler products such as:
• Zscaler Internet Access (ZIA)
• Zscaler Digital Experience (ZDX)
• Knowledge of cloud security concepts across AWS, Azure, or GCP.
• Experience with Privileged Access Management (PAM) solutions.
• Security+
• Zero Trust Architecture
• Zscaler Private Access (ZPA)
• Identity & Access Management
• Access Policy Management
• User Access Profiling
• Security Monitoring & Analysis