Zero Trust and Zscaler Consultant

Overview Role: Zscalar and Zero Trust Solution Engineer Reports to: Client Services Program Manager Work Hours: 40 hour week OnPoint, a wholly-owned subsidiary of Sapient Government Services, is a vibrant, energetic, and growing ISO-certified technology and management consulting partner that provides critical thinking, strategic analysis, and thought leadership in a collaborative environment in an enduring effort to improve performance, lower costs, and achieve results for clients. We are guided by our principles: Clarity. Action. Results—for each client engagement we work to gain clarity, move into action, and achieve results. OnPoint specializes in delivering solutions in Cybersecurity, Enterprise Systems & Implementation Management, Cloud Architecture & Infrastructure Services, and Digital Communications & Strategic Marketing. Job Description Summary/Objective We are seeking a highly skilled Senior Cybersecurity & Infrastructure Engineer to design, implement, and support secure enterprise infrastructure with a strong focus on Zero Trust architecture and Zscaler cloud security platforms. This role bridges traditional infrastructure engineering and modern cybersecurity practices, ensuring resilient, scalable, and secure systems across on-premises and cloud environments. Responsibilities • Cybersecurity & Zero Trust • Design, implement, and maintain Zero Trust security architecture across enterprise networks and applications • Implement and manage Zscaler services (ZIA (Internet Access), ZPA (Private Access), ZDX (Digital Experience), CASB (Cloud Access Security Broker)) to secure user, application, and data access • Develop and enforce security policies aligned with Zero Trust principles (least privilege, continuous verification) • Monitor security events, investigate incidents, and coordinate remediation efforts • Partner with GRC (Governance, Risk, Compliance) teams to support compliance frameworks (NIST, ISO 27001, SOC 2) • Experience completing or optimizing existing Zero Trust implementations (vs. greenfield deployments) • Ability to apply Zero Trust principles and tools to AI workloads and support AI enablement and deployments • Demonstrated ability to drive adoption with skeptical user populations • Familiarity with additional Zero Trust tools beyond Zscaler, notably Palo Alto Prisma and Cloud Flare • Infrastructure & Cloud • Engineer and support enterprise infrastructure across on-prem, cloud (AWS, Azure, or GCP), and hybrid environments • Integrate security controls into network, server, and cloud infrastructure designs • Maintain and optimize identity and access management (IAM) integrations (SSO, MFA, IdP such as Azure AD or Okta) • Collaborate with networking teams on routing, firewalls, VPN replacements, and secure connectivity models • Automate infrastructure and security configurations using IaC tools (Terraform, ARM, Cloud Formation) • Experience producing RMF-aligned documentation and supporting ATO processes • Comfort operating in challenging environments and edge cases (OCONUS, low-bandwidth, BYOD, mixed identity, ZT applied to IOT, legacy app integration, hybrid identity, etc.) Qualifications Required Qualifications • 5+ years of experience in cybersecurity, infrastructure, or network engineering • Hands-on experience with Zscaler (ZIA and ZPA required; ZDX/CASB preferred) • Strong understanding of Zero Trust architecture and frameworks • Solid knowledge of enterprise networking (TCP/IP, DNS, routing, firewalls) • Experience securing cloud and hybrid environments • Familiarity with endpoint security, logging, and SIEM platforms • Understanding of RMF, AI RMF, FedRAMP, FISMA, CISA Zero Trust Maturity Model, NSA ZIGs, and agency-specific implementation challenges • Track record of knowledge transfer and building client capacity • Applying change management methods, engaging with senior leadership, leading discovery sessions, managing client relationships, etc. (i.e., soft skills) • Preferred Qualifications • Zscaler certifications (ZCCP, ZCSE) • Experience migrating from legacy VPNs to Zero Trust solutions • Cloud security experience (AWS Security Hub, Azure Defender, or equivalent) • Scripting or automation skills (Python, Power Shell, Bash) • Experience with EDR/XDR platforms (Crowd Strike, Sentinel One, Microsoft Defender) • Ability to use project and performance management skills to plan and deliver zero trust services. Other • Federal and/or Commercial experience • Technical troubleshooting support • Hybrid or remote work environment • Preferred: DoD Security Clearance • Self-motivated • Ability to maintain an extreme sense of urgency in all interactions with the customer • Exceptional email management and written communication skills • Solution-oriented • Ability to research, analyze, and create viable solutions • Strong technical attitude and ability to quickly learn and apply technical knowledge • Excellent troubleshooting and problem-solving skills • Ability to multi-task Additional Details • Supervisory Responsibility: This position has no supervisory responsibilities. • Remote/hybrid work environment. • Physical Demands: While… Apply tot his job Apply To this Job