Staff Information Security Engineer (Vulnerability Management)

Confirmed live in the last 24 hours

Zscaler

Compensation

$115,500 - $165,000/year

Crystal City, Virginia, USA

Hybrid

Posted March 6, 2026

Job Description

About Zscaler

Zscaler accelerates digital transformation to ensure our customers can be more agile, efficient, resilient, and secure. As an AI-forward enterprise, we are constantly pushing the envelope, leveraging the world’s largest security data lake to power our cloud-native Zero Trust Exchange platform. This innovation protects our customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location.

Here, impact in your role matters more than title and trust is built on results. We say, impact over activity. We seek innovators who actively use AI to amplify their impact and who thrive in an environment where we leverage intelligent systems to stay ahead of evolving threats. We believe in transparency and value constructive, honest debate—we’re focused on getting to the best ideas, faster. We build high-performing teams that can make an impact quickly and with high quality. To do this, we are building a culture of execution centered on customer obsession, collaboration, ownership, and accountability.

We value high-impact, high-accountability with a sense of urgency where you’re enabled to do your best work and embrace your potential. If you’re driven by purpose, thrive on solving complex challenges, and want to be part of the team that’s helping to secure the AI age, we invite you to bring your talents to Zscaler and help shape the future of cybersecurity.

Role

We are looking for a Staff Information Security Engineer to join our Engineering team. This is a fully onsite role based in the Crystal City / Arlington, VA Area, reporting to the VP, Product Security. You will operate as a vulnerability management engineer inside the U.S. Federal IL6 (SCIF) environment. This role is critical to maintaining our multitenant architecture and global security footprint, ensuring we enable organizations worldwide to harness speed and agility while operating strictly within a U.S. SCIF and adhering to one-way diode transfer protocols.

What you’ll do (Role Expectations)

Design and execute authenticated and unauthenticated network and host scanning using IL6-approved tools like Tenable.sc or Nessus Manager within air-gapped environments
Build Python, Go, or PowerShell automations for scan orchestration, asset onboarding, policy tuning, and diode-ready reporting formats
Drive collaboration with IL6 service owners to eliminate exploitable risks and manage comprehensive patch and hardening campaigns
Produce weekly and monthly reporting aligned to IL6 program cadence and diode data transfer policies
Maintain essential documentation including runbooks, SOPs, exception governance, and change control processes within the SCIF environment

Who You Are (Success Profile)

You thrive in ambiguity. You're comfortable building the path as you walk it. You thrive in a dynamic environment, seeing ambiguity not as a hindrance, but as the raw material to build something meaningful.
You act like an owner. Your passion for the mission fuels your bias for action. You operate with integrity because you genuinely care about the outcome. True ownership involves leveraging dynamic range: the ability to navigate seamlessly between high-level strategy and hands-on execution.
You are a problem-solver. You love running towards the challenges because you are laser-focused on finding the solution, knowing that solving the hard problems delivers the biggest impact.
You are a high-trust collaborat