Job Requirements
Fairfax, VA
Public Trust Polygraph Unspecified
Career Level not specified
$150,000 - $190,000
Job Description
Zachary Piper Solutions is seeking a Zscaler Security Architect to support DHS CISA remotely. The customer is seeking an individual with expertise designing, deploying, and maintaining security solutions to protect the agency networks using Secure Web Gateway and Zero Trust Network Access capabilities using Zscaler.
Location: Fairfax, VA (100% remote)
Clearance: Must be eligible to obtain a DHS EOD clearance
This job opens for applications on 3/20/2026. Applications for this job will be accepted for at least 30 days from the posting date
Responsibilities of the Security Architect:
Qualifications of the Security Architect:
Compensation for the Security Architect:
#LI-MK1 #LI-Onsite
Keywords: Cybersecurity engineering, information security, network security, cloud security, zero trust architecture, splunk, IAM, Zscaler ZIA, Zscaler ZPA, firewall management, VPN technologies, secure network design, intrusion detection and prevention systems (IDS/IPS), SIEM, security monitoring, threat detection, remote, SOC, SOAR, incident response, vulnerability management, penetration testing, malware analysis, endpoint security, identity and access management (IAM), multi-factor authentication (MFA), encryption, Palo alto, network, SIEM, EDR, endpoint, endpoint detection, top secret, secret, public trust, DHS, DoD, Zero trust, Federal, opentowork, hiring, PKI, TLS/SSL, data loss prevention (DLP), security policy development, cloud platforms AWS, Azure, GCP, on-premises to cloud migration, TCP/IP, DNS, HTTP/S, Wireshark, TCPDump, log analysis, risk assessment, compliance frameworks NIST, ISO 27001, CIS, FedRAMP, security automation, DevSecOps, Agile SAFe, scripting Python, PowerShell, Bash, architecture documentation, security best practices, cross-functional collaboration
Location: Fairfax, VA (100% remote)
Clearance: Must be eligible to obtain a DHS EOD clearance
This job opens for applications on 3/20/2026. Applications for this job will be accepted for at least 30 days from the posting date
Responsibilities of the Security Architect:
- Architect, implement, and maintain Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) solutions to protect internet traffic and enable secure access to private applications.
- Configure, manage, and optimize network security components-such as proxies, firewalls, and VPNs-in alignment with Zscaler architectures and best practices.
- Lead the migration of security policies from on-premises environments to cloud-based Zscaler platforms, ensuring seamless integration with existing enterprise infrastructure.
- Analyze and resolve complex network and security issues using tools such as Wireshark and TCPDump; support incident response and root-cause analysis efforts.
- Implement and manage monitoring capabilities to identify, respond to, and mitigate security threats, while continuously tuning performance and improving system reliability.
- Partner with network engineers, security analysts, and application teams to integrate security controls across the enterprise, delivering solutions within a SAFe Agile framework.
- Create and maintain comprehensive documentation, including architecture diagrams, deployment manuals, and configuration and installation guides.
Qualifications of the Security Architect:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
- Due to the nature of the contract requirements, U.S. citizenship and successful completion of a background check are required prior to beginning work. In addition, candidates must have the ability to obtain and maintain a DHS EOD/Public Trust clearance.
- 2+ years of hands-on experience in network security engineering/architecture, including firewalls, routers, switches, load balancers, and sensors.
- 1+ years of experience configuring Zscaler.
- Proficient in configuring and managing Zscaler products, including ZIA and ZPA.
- Experience with network protocols, LAN/WAN configurations, and cloud platforms such as Azure.
- Strong understanding of Zero Trust architecture principles and experience with security tools like Secure Web Gateway (SWG), CASB, DLP, etc.
- Strong knowledge of SASE, cloud networking, ZTNA, SD-WAN, and VPN alternatives, with hands-on configuration of DLP, SSL inspection, URL filtering, sandboxing, and SaaS security.
- Proficiency in automation tools such as Terraform, Ansible, or Python for infrastructure-as-code and reusable Prisma configurations.
Compensation for the Security Architect:
- Total compensation based on experience level - $150,000-$190,000+ **based on degree and total years of experience**
- Full Benefits: PTO/Holidays, Medical, Dental, and Vision, 401k with ADP
- Certification reimbursement
- Fully remote work
- Job stability and contract mobility through Zachary Piper Solutions
#LI-MK1 #LI-Onsite
Keywords: Cybersecurity engineering, information security, network security, cloud security, zero trust architecture, splunk, IAM, Zscaler ZIA, Zscaler ZPA, firewall management, VPN technologies, secure network design, intrusion detection and prevention systems (IDS/IPS), SIEM, security monitoring, threat detection, remote, SOC, SOAR, incident response, vulnerability management, penetration testing, malware analysis, endpoint security, identity and access management (IAM), multi-factor authentication (MFA), encryption, Palo alto, network, SIEM, EDR, endpoint, endpoint detection, top secret, secret, public trust, DHS, DoD, Zero trust, Federal, opentowork, hiring, PKI, TLS/SSL, data loss prevention (DLP), security policy development, cloud platforms AWS, Azure, GCP, on-premises to cloud migration, TCP/IP, DNS, HTTP/S, Wireshark, TCPDump, log analysis, risk assessment, compliance frameworks NIST, ISO 27001, CIS, FedRAMP, security automation, DevSecOps, Agile SAFe, scripting Python, PowerShell, Bash, architecture documentation, security best practices, cross-functional collaboration
group id: 10430981
