Network security engineer Jobs in USA

Your Job

The Sr. Network Security Engineer (Zscaler Specialist) will be part of a global infrastructure organization responsible for designing, implementing, and delivering enterprise-grade secure access solution using cloud-delivered security, particularly Zscaler platform. This role will be instrumental in designing, implementing, and managing secure access solutions that protect enterprise users, applications, and data in a modern, cloud & on-prem environment. The engineer will work closely with architecture, security, operations, and vendors to ensure high-quality, scalable, and secure access.

Our Team

The KOCH Technologies Infrastructure team provides reliable, flexible, and secure connectivity solutions that enable business solutions and perpetual transformation. We manage network and network security infrastructure, including wide area networking, local area networking, wireless, firewalls, datacenter networking, load balancing, endpoint security, and proxies. We provide enterprise infrastructure monitoring for IT components across the enterprise. We are currently focused on the following transformation strategies: talent, proactive management, process optimization and automation, security by design, and adopting a service focused organization.

This role can be based in Wichita, KS / Plano, TX / Atlanta, GA / Green Bay , WI and requires an in office presence with flexibility.

This role is not eligible for VISA sponsorship.

What You Will Do

• Design, implement, and manage Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and Zscaler Digital Experience (ZDX) solutions in alignment with Zero Trust Architecture (ZTA) principles.
• Define and enforce Zero Trust policies based on user identity, device posture, application context, and risk signals.
• Architect least-privileged access models ensuring users are granted access only to specific applications—not entire networks.
• Implement and optimize application segmentation and user-to-app access policies using ZPA.
• Continuously evaluate and improve trust evaluation mechanisms, including device compliance, user behaviour, and session context.
• Deploy and optimize SSL/TLS inspection, secure web gateway policies, CASB controls, and DLP frameworks within ZIA as part of Zero Trust data protection strategy.
• Monitor user experience and performance using ZDX and troubleshoot connectivity or latency issues.
• Collaborate with network, security, and vendor teams to ensure seamless and secure connectivity.
• Perform log analysis, incident response, and threat mitigation using Zscaler logs and SIEM tools.
• Ensure compliance with security standards and best practices.
• Stay updated with evolving Zero Trust frameworks and industry best practices.
• Document architecture, configurations, and operational procedures.
• Contribute to automation and standardization efforts (Ansible, Terraform, APIs).
• Identify inefficiencies and drive process, quality, and documentation improvements.
• Participate in design reviews, quality checks, and peer mentoring.
• Work directly with internal customers, project managers, and global stakeholders.
• Coordinate with OEMs, and system integrators for implementation and issue resolution.
• Provide clear communication on project status, risks, and dependencies.
• Participate in on-call rotations as part of a global team, including availability for planned weekend or off hours work during major implementations or migrations.

Who You Are (Basic Qualifications)

• Demonstrated experience in an enterprise network security field.
• Hands-on experience with Zscaler ZIA and ZPA, proxy technologies, VPN alternatives and secure remote access
• Strong understanding of Zero Trust Network Access (ZTNA)
• Experience with TCP/IP, DNS HTTP/HTTPS, SSL/TLS inspection
• Experience with Firewall and routing concepts
• Exposure to cloud platforms such as AWS, Microsoft Azure, or Google Cloud Platform (GCP)
• Understanding of cloud security principles and secure workload access.
• Familiarity with SIEM/Observability tools (e.g., Splunk, Grafana, LogicMonitor).

What Will Put You Ahead

• Zscaler certifications (e.g., ZCCA, ZCCP, ZCSP).
• Exposure to network automation (Python, Ansible, DevNet concepts).
• Experience with Branch/Cloud Connector deployments.
• Experience with other security platforms (CASB, SWG, EDR/XDR).
• Knowledge of cloud platforms such as AWS, Azure, or GCP.
• An open-minded individual who embraces challenges positively, KOCH Fit.
• Experience working in global delivery or follow-the-sun models.
• Experience in traffic forwarding methods (GRE/IPSec tunnels, PAC files, Client Connector)
• Experience integrating Zscaler with PingID, Azure AD, or similar IdPs.
• Familiarity with APIs for integrating and automating Zscaler workflows.

Our Benefits

Our goal is for each employee, and their families, to live fulfilling and healthy lives. We provide essential resources and support to build and maintain physical, financial, and emotional strength - focusing on overall wellbeing so you can focus on what matters most. Our benefits plan includes - medical, dental, vision, flexible spending and health savings accounts, life insurance, ADD, disability, retirement, paid vacation/time off, educational assistance, and may also include infertility assistance, paid parental leave and adoption assistance. Specific eligibility criteria is set by the applicable Summary Plan Description, policy or guideline and benefits may vary by geographic region. If you have questions on what benefits apply to you, please speak to your recruiter.

Additionally, everyone has individual work and personal needs. We seek to enable the best work environment that helps you and the business work together to produce superior results.