More jobs:
Zscaler Enterprise Architect
Job in
Salem, Marion County, Oregon, 97311, USA
Listed on 2026-07-17
Listing for:
GovCIO
Full Time
position Listed on 2026-07-17
Job specializations:
-
IT/Tech
Cybersecurity, Network Security, Systems Engineer, Cloud Computing: Infrastructure & Operations
Job Description & How to Apply Below
Suitability/Public Trust
Fully remote
Information Technology
** Overview*
* GovCIO is seeking an experienced Zscaler Enterprise Architect to define and deliver enterprise-wide firewall, web security proxy, and secure network architecture solutions across data centers, cloud, and distributed field locations. The Architect will set strategy, design scalable and highly available security platforms, lead complex implementations and migrations, and drive governance, automation, and continuous improvement of network security controls. This position will be within United States and will be fully remote.
** Responsibilities*
* + Define enterprise network security architecture and roadmap for next-generation firewalls, web security proxies, VPNs, and related controls across data centers, cloud, and branch/remote sites.
+ Lead design and implementation of Palo Alto Networks NGFW solutions at scale, including architecture patterns for segmentation, security policies, NAT, VPNs (IPsec/SSL), threat prevention, URL filtering, TLS/SSL decryption, and high-availability/clustering.
+ Architect and validate network designs for Cisco routing and switching across LAN/WAN, ensuring performance, resilience, and security for high-throughput environments.
+ Own architecture and deployment strategies for web security platforms (McAfee Web Gateway / Web Security Proxy) and cloud-based secure web gateways (e.g., Zscaler), including policy models, threat protection, content inspection, and telemetry integration.
+ Integrate network security solutions with enterprise identity and authentication services (Active Directory, LDAP, RADIUS, TACACS+, 802.1X), enabling centralized policy enforcement and role-based access controls.
+ Define secure network segmentation, micro-segmentation, and zero-trust network access strategies; produce reference architectures, design patterns, and configuration baselines.
+ Drive cross-functional security initiatives: large-scale firewall and proxy migrations, datacenter-to-cloud transition, SD-WAN and SASE adoption, and consolidation of security tooling.
+ Establish governance: security policy lifecycle, rulebase rationalization, change control, risk assessments, and exception processes.
+ Design and implement logging, telemetry, and monitoring architectures to surface threats, performance issues, and policy violations; integrate with SIEM, SOAR, and observability platforms.
+ Lead incident response for network security events, conduct root-cause analysis, and define remediation and preventative controls.
+ Optimize operational processes via automation and IaC (Ansible, Terraform, scripts) for deployment, configuration management, and compliance validation.
+ Provide technical leadership, mentor engineers, coordinate vendor engagements, and influence executive stakeholders on strategy, budgets, and roadmap.
+ Ensure architectures meet regulatory, compliance, and audit requirements; produce documentation, diagrams, and security design reviews.
** Qualifications*
* Bachelor's degree in Computer Science, Information Technology, Engineering, or equivalent experience with 15+ years (or commensurate experience)
Required Skills and Experience
+ 10+ years of progressive networking and security experience, including 5+ years in architecture/lead roles.
+ Deep, demonstrable expertise with Palo Alto Networks NGFW architecture and deployment at enterprise scale.
+ Extensive experience with Cisco routing and switching design across enterprise LAN/WAN and data center environments.
+ Strong experience designing and deploying McAfee Web Gateway/Web Security Proxy and cloud secure web gateway solutions (e.g., Zscaler).
+ In-depth knowledge of TCP/IP, routing protocols, switching, VLANs, VRFs, ACLs, NAT, QoS, DNS/DHCP/NTP.
+ Expertise in VPN technologies (IPsec, SSL/TLS), secure remote access, and zero-trust network architectures.
+ Hands-on experience integrating security platforms with AD/LDAP, RADIUS/TACACS+, and 802.1X.
+ Proven ability with automation and Infrastructure as Code (Ansible, Terraform, Python scripting) for network/security operations.
+
Experience with logging / telemetry integration, SIEM, threat…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×