Principal Consultant – Zero Trust, ZTNA & Secure Access (Zscaler) at DevAltus – Boston, Massachusetts

Key Responsibilities

Architecture & Solution Design

• Design and deliver end-to-end Zero Trust architectures leveraging ZTNA (ZPA), ZIA, and SSE/SASE frameworks
• Architect DIA-first strategies that eliminate centralized egress and legacy network dependencies
• Ensure all access decisions are based on identity, device posture, and context, not network location
• Lead the transition away from VPN and MPLS to modern secure access models

Hands-On Implementation & Build

• Lead full lifecycle Zscaler implementations across enterprise environments
• Configure and optimize ZIA traffic forwarding and ZPA segmentation
• Design, implement, and continuously refine ZIA policies including URL filtering, SSL inspection, CASB, and DLP
• Troubleshoot complex issues across TLS, DNS, proxy, and application layers
• Optimize for performance, security, and operational scalability

SD-WAN & Network Integration

• Integrate Zscaler with leading SD-WAN platforms
• Implement DIA-based traffic steering using GRE/IPsec tunnels
• Eliminate assumptions of trusted networks and legacy routing models

Technical Leadership

• Serve as a hands-on technical leader across design and delivery
• Establish reusable architecture patterns, standards, and best practices
• Mentor engineers and elevate client technical capabilities

Client Engagement

• Act as a trusted advisor on Zero Trust transformation and secure access strategy
• Lead technical discovery, solution validation, and stakeholder alignment
• Clearly communicate architectural shifts and business impact

Compliance & Risk Alignment

• Align solutions with frameworks such as NIST, NERC-CIP, and ISO
• Ensure designs are audit-ready, secure, and compliant with regulatory requirements

• Work Authorization: Must be legally authorized to work in the United States without employer sponsorship
• Location Requirement: Must be a resident of the continental United States
• 8–12+ years of experience in network security, Zero Trust, or secure access architecture roles
• Deep expertise in Zscaler (ZIA & ZPA), including policy design, optimization, and troubleshooting
• Strong experience designing and implementing Zero Trust Network Access (ZTNA) and SSE/SASE architectures
• Proven experience building DIA-first architectures and eliminating VPN/MPLS-based designs
• Strong knowledge of networking fundamentals including DNS, TLS, proxy architectures, and traffic flow design
• Experience integrating Zscaler with SD-WAN platforms and implementing GRE/IPsec tunnels
• Solid understanding of identity providers such as Entra ID (Azure AD) or Okta, including conditional access and device posture
• Experience with security policy frameworks including URL filtering, SSL inspection, CASB, and DLP
• Familiarity with automation using APIs, Terraform, or similar tooling is a plus
• Experience working in regulated industries (e.g., energy, utilities, finance, healthcare) preferred
• Strong troubleshooting skills across network and application layers
• Excellent communication skills with experience engaging both technical teams and business stakeholders
• Demonstrated ability to operate as a hands-on builder across both architecture and implementation

• Experience with identity providers such as Entra ID (Azure AD) or Okta in Zero Trust architectures
• Familiarity with endpoint management and device posture enforcement (e.g., Intune, CrowdStrike)
• Experience with automation using Terraform, APIs, or infrastructure-as-code for Zscaler deployments
• Exposure to enterprise compliance frameworks such as NIST, NERC-CIP, or ISO, and collaboration with SOC/SIEM teams
• Knowledge of SIEM platforms (e.g., QRadar, Splunk) and integrating Zscaler logs for visibility and response
• Experience integrating third-party security tools into SSE/SASE ecosystems
• Familiarity with cloud security architectures across Azure, AWS, or GCP
• Exposure to performance monitoring and user experience optimization within secure access environments
• Experience supporting large-scale enterprise transformations from legacy network models to Zero Trust