OnPoint · 1 day ago
Zero Trust and Zscaler Consultant
Fairfax, VA
Full-time
Hybrid
Senior Level
5+ years expOnPoint is a vibrant technology and management consulting partner, seeking a highly skilled Senior Cybersecurity & Infrastructure Engineer. The role focuses on designing, implementing, and supporting secure enterprise infrastructure with an emphasis on Zero Trust architecture and Zscaler cloud security platforms.
Cyber SecurityEnterprise SoftwareInformation Technology
No H1B
U.S. Citizen Only
Responsibilities
Design, implement, and maintain Zero Trust security architecture across enterprise networks and applications
Implement and manage Zscaler services (ZIA (Internet Access), ZPA (Private Access), ZDX (Digital Experience), CASB (Cloud Access Security Broker)) to secure user, application, and data access
Develop and enforce security policies aligned with Zero Trust principles (least privilege, continuous verification)
Monitor security events, investigate incidents, and coordinate remediation efforts
Partner with GRC (Governance, Risk, Compliance) teams to support compliance frameworks (NIST, ISO 27001, SOC 2)
Experience completing or optimizing existing Zero Trust implementations (vs. greenfield deployments)
Ability to apply Zero Trust principles and tools to AI workloads and support AI enablement and deployments
Demonstrated ability to drive adoption with skeptical user populations
Familiarity with additional Zero Trust tools beyond Zscaler, notably Palo Alto Prisma and CloudFlare
Engineer and support enterprise infrastructure across on-prem, cloud (AWS, Azure, or GCP), and hybrid environments
Integrate security controls into network, server, and cloud infrastructure designs
Maintain and optimize identity and access management (IAM) integrations (SSO, MFA, IdP such as Azure AD or Okta)
Collaborate with networking teams on routing, firewalls, VPN replacements, and secure connectivity models
Automate infrastructure and security configurations using IaC tools (Terraform, ARM, CloudFormation)
Experience producing RMF-aligned documentation and supporting ATO processes
Comfort operating in challenging environments and edge cases (OCONUS, low-bandwidth, BYOD, mixed identity, ZT applied to IOT, legacy app integration, hybrid identity, etc.)
Qualification
Required
5+ years of experience in cybersecurity, infrastructure, or network engineering
Hands-on experience with Zscaler (ZIA and ZPA required; ZDX/CASB preferred)
Strong understanding of Zero Trust architecture and frameworks
Solid knowledge of enterprise networking (TCP/IP, DNS, routing, firewalls)
Experience securing cloud and hybrid environments
Familiarity with endpoint security, logging, and SIEM platforms
Understanding of RMF, AI RMF, FedRAMP, FISMA, CISA Zero Trust Maturity Model, NSA ZIGs, and agency-specific implementation challenges
Track record of knowledge transfer and building client capacity
Applying change management methods, engaging with senior leadership, leading discovery sessions, managing client relationships, etc. (i.e., soft skills)
Preferred
Zscaler certifications (ZCCP, ZCSE)
Experience migrating from legacy VPNs to Zero Trust solutions
Cloud security experience (AWS Security Hub, Azure Defender, or equivalent)
Scripting or automation skills (Python, PowerShell, Bash)
Experience with EDR/XDR platforms (CrowdStrike, SentinelOne, Microsoft Defender)
Ability to use project and performance management skills to plan and deliver zero trust services
Preferred: DoD Security Clearance
Company
OnPoint
OnPoint is delivering secure IT infrastructure, enterprise systems and solutions for the U.S. federal government.
11-50 employees
Funding
Current Stage
Growth StageTotal Funding
$50MKey Investors
Temasek Holdings
2022-06-27Series B· $50M
Leadership Team
Jeff Mercurio, MS
Strategic Partnership Coordinator
Recent News
Portland Business Journal
2024-04-23
Company data provided by crunchbase