About Zscaler

Zscaler accelerates digital transformation so our customers can be more agile, efficient, resilient, and secure. Our cloud native Zero Trust Exchange platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.

Here, impact in your role matters more than title and trust is built on results. We believe in transparency and value constructive, honest debate—we’re focused on getting to the best ideas, faster. We build high-performing teams that can make an impact quickly and with high quality. To do this, we are building a culture of execution centered on customer obsession, collaboration, ownership and accountability.

We value high-impact, high-accountability with a sense of urgency where you’re enabled to do your best work and embrace your potential. If you’re driven by purpose, thrive on solving complex challenges and want to make a positive difference on a global scale, we invite you to bring your talents to Zscaler and help shape the future of cybersecurity.

We are looking for a Federal Security Platforms Lead (Principal Information Security Engineer) to join our Enterprise Security team. This is a full-time onsite role based in Crystal City, VA, reporting to the Director of Federal Security Operations.
You will build and own the security detection and response platform for a new, dedicated DoD/DoW IL6 cloud environment. In this role, you will architect Splunk Enterprise Security from the ground up, establish critical data pipelines and deliver high-fidelity automation to enable real-time threat response. Partnering across Zscaler, you will ensure our 24/7 federal security operations remain scalable, compliant, and mission-ready.

What you’ll do (Role Expectations)

Architect, implement, and optimize Splunk Enterprise Security from the ground up, including ingestion pipelines, CIM normalization, indexer/search head clustering, and HA/DR across DoD IL6 environment
Design, build, and tune high-fidelity detections mapped to MITRE ATT&CK and DoD threat profiles while managing the full content lifecycle, QA, version control, and false-positive reduction
Define telemetry requirements and lead onboarding for cloud, endpoint, identity, and network sources to ensure data quality, normalization, and enrichment to close coverage gaps
Develop SOAR automation and triage workflows, deliver analyst-facing dashboards and hunt workspaces, and partner with Incident Response for operationalization and continuous improvement
Operate the SIEM/SOAR platform for a 24/7 environment and ensure configurations, retention, encryption, and RBAC align with FedRAMP, DoD CC SRG, and DISA STIGs

Who You Are (Success Profile)

You thrive in ambiguity. You're comfortable building the path as you walk it. You thrive in a dynamic environment, seeing ambiguity not as a hindrance, but as the raw material to build something meaningful.
You are a problem-solver. You seek out challenges because you are energized by finding solutions, knowing that solving the hard problems delivers the biggest impact.
You are a high-trust collaborator. You are ambitious for the team, not just yourself. You embrace our challenge culture by giving and receiving ongoing feedback—knowing that candor delivered with clarity and respect is the truest form of teamwork and the fastest way to earn trust.
You operate with urgency. You understand that in a high-growth environment, speed and quality are not mutually exclusive. You have a relentless focus on execution and a bias for action, delivering high-impact results quickly to win for the customer and the team.
You are a pragmatic builder. You are obsessed with creating, iterating, and shipping. You aren't afraid to roll up your sleeves and build the first version yourself, balancing the drive for technical excellence with the need to deliver value to users quickly.

What We’re Looking for (Minimum Qualifications)

US Citizenship and an active U.S. Secret Security Clearance (Top Secret preferred), with a willingness to participate in an on-call rotation (nights and weekends)
8+ years of security engineering or operations in FedRAMP/DoD environments, supporting 24/7 mission needs
Experienced in architecting, administering, and optimizing clustered Splunk Enterprise Security deployments, including ingestion pipelines and CIM normalization across GovCloud/Secret regions
Skilled at configuring data retention, encryption, and indexer/search head clustering for resilient, compliant log management aligned to FedRAMP and DoD CC SRG
Proficient in SPL to build and tune correlation searches, dashboards, and risk-based alerting; partnered with IR to improve signal quality and reduce false positives

What Will Make You Stand Out (Preferred Qualifications)

Experience operating in U.S. government cloud regions (AWS GovCloud/Secret; Azure Government/Azure DoD/Azure Secret) with DoDIL6 constraints
Have or be able to obtain advanced DoD 8140 DCWF certification
Expertise automating security workflows with Python or PowerShell, including SOAR playbooks, enrichment pipelines, and CI/CD for content deployment

#LI-Onsite #LI-KM9

Zscaler’s salary ranges are benchmarked and are determined by role and level. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations and could be higher or lower based on a multitude of factors, including job-related skills, experience, and relevant education or training.

The base salary range listed for this full-time position excludes commission/ bonus/ equity (if applicable) + benefits.

Base Pay Range

$161,000—$230,000 USD

At Zscaler, we are committed to building a team that reflects the communities we serve and the customers we work with. We foster an inclusive environment that values all backgrounds and perspectives, emphasizing collaboration and belonging. Join us in our mission to make doing business seamless and secure.

Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including:

Various health plans
Time off plans for vacation and sick time
Parental leave options
Retirement options
Education reimbursement
In-office perks, and more!

Learn more about Zscaler’s Future of Work strategy, hybrid working model, and benefits here.

By applying for this role, you adhere to applicable laws, regulations, and Zscaler policies, including those related to security and privacy standards and guidelines.

Zscaler is committed to providing equal employment opportunities to all individuals. We strive to create a workplace where employees are treated with respect and have the chance to succeed. All qualified applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy or related medical conditions), age, national origin, sexual orientation, gender identity or expression, genetic information, disability status, protected veteran status, or any other characteristic protected by federal, state, or local laws. See more information by clicking on the Know Your Rights: Workplace Discrimination is Illegal link.

Pay Transparency

Zscaler complies with all applicable federal, state, and local pay transparency rules.

Zscaler is committed to providing reasonable support (called accommodations or adjustments) in our recruiting processes for candidates who are differently abled, have long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support.

Federal Security Platforms Lead (Principal Information Security Engineer)

Related Jobs

Account Executive - Industrial Vertical

Plumber III

Plumber II

Plumber II

Product Owner

Chef de Cuisine/Executive Chef