Zscaler, Proxy & Micro Segmentation Security

We are looking for an experienced and technically strong Senior Manager with 8-10 years of experience to lead and manage the organizations cloud security, proxy security, and micro segmentation environment.

The candidate will be primarily responsible for end-to-end management of Zscaler technologies including ZIA, ZPA, and ZDX, along with Symantec Proxy infrastructure and Data Center micro segmentation security operations aligned with Zero Trust architecture principles.

The role requires strong understanding of microsegmentation concepts, application traffic visibility, process-level communication analysis, and policy governance to secure east-west traffic within Data Center environments.

The candidate should also possess good awareness of enterprise network and security technologies to effectively coordinate with Network, Firewall, NAC, Server, and Application teams.

This is a senior leadership role requiring strong technical expertise, operational ownership, stakeholder management, and team leadership capabilities.

Key Responsibilities

Primary Responsibilities Zscaler & Proxy Security

• Manage complete administration, monitoring, and support of Zscaler: ZIA (Zscaler Internet Access), ZPA (Zscaler Private Access), ZDX (Digital Experience Monitoring)
• Manage Symantec Proxy infrastructure and internet access security operations.
• Configure, manage, and optimize: URL filtering policies, SSL inspection policies, Cloud application access policies, Web access and browsing control policies, User/group-based internet access policies, Bandwidth control and traffic shaping policies, File type control and malware protection policies, Application segmentation and private access policies, Authentication and SSO integrations, Security and access governance policies
• Perform troubleshooting related to:Internet access issues, Application accessibility, Slow browsing and latency, VPN and remote user access, Authentication and SSO failures, SSL inspection issues, User policy mismatch, Cloud application connectivity
• Monitor and analyze: Proxy traffic logs, Security alerts, Threat visibility dashboards, User experience monitoring, Bandwidth utilization, Application performance metrics, Security event trends.
• Perform policy review, tuning, cleanup, and optimization activities.
• Coordinate with endpoint, IAM, Network, Firewall, and Server teams for integrated troubleshooting.
• Work closely with OEM/vendor support teams for critical issue resolution and escalations.
• Support audit, compliance, VAPT observations, and security hardening activities related to internet access and proxy infrastructure.
• Participate in proxy transformation, cloud security enhancement, and Zero Trust security initiatives.
• Ensure operational stability and adherence to SLA for Zscaler and Proxy environments.
• Prepare RCA reports, incident summaries, and operational dashboards for management review.
• Support production changes, maintenance activities, policy modifications, and emergency troubleshooting during critical incidents.

Primary Responsibilities Micro segmentation Security

• Good understanding of Zero Trust security architecture and micro segmentation concepts for Data Center and Disaster Recovery environments.
• Manage and support micro segmentation security operations across DC and DR environments.
• Understand the importance of controlling east-west traffic communication between servers, even within the same VLAN or subnet.
• Ensure protection against unauthorized lateral movement across servers and applications.
• Monitor and analyze server-to-server communication traffic across production, DR, and critical application environments.
• Understand application dependencies, traffic flows, ports, protocols, and process-level interactions before defining security policies.
• Create, review, and manage whitelist-based communication policies allowing only authorized traffic between workloads.
• Perform traffic flow analysis and dependency mapping for critical business applications and infrastructure services.
• Understand process-level communication between applications, middleware, databases, and system services for accurate policy creation.
• Coordinate with Server, Application, Database, Network, and Security teams to identify legitimate traffic patterns and application dependencies.
• Review application communication behavior and validate policy impact before enabling enforcement mode.
• Perform policy tuning, monitoring, validation, and optimization activities to avoid application impact and false blocking.
• Analyze blocked traffic logs, security events, and policy violations to identify unauthorized communication attempts.
• Support segregation of application tiers such as Web, Application, and Database servers through granular security controls.
• Ensure least privilege access model between workloads based on business and application requirements.
• Participate in onboarding of new servers, applications, and environments into micro segmentation monitoring and policy governance.
• Support DR activities, server migration activities, and infrastructure changes from a micro segmentation security perspective.
• Monitor workload communication visibility dashboards, alerts, and policy compliance status.
• Coordinate with infrastructure and application teams during troubleshooting of blocked or impacted application communication.
• Ensure security policy consistency across DC and DR environments.
• Participate in security audits, compliance reviews, and security architecture discussions related to Zero Trust and east-west traffic security.
• Support continuous improvement of micro segmentation governance, policy hygiene, and workload security posture.
• Work with SOC/SIEM teams for analysis of suspicious east-west traffic behavior and lateral movement attempts.
• Maintain documentation related to application dependency mapping, policy standards, exception handling, and operational procedures.
• Support security enhancement initiatives aligned with Zero Trust strategy and Data Center workload protection.

Additional Responsibilities Network & Security Coordination

• Good understanding of enterprise Data Center and branch network environments.
• Awareness of: Cisco Switching & Routing, Cisco NAC, FortiGate Firewall, Enterprise Proxy & Security infrastructure
• Coordinate with Network, Firewall, NAC, Server, and Security teams during incident troubleshooting and project activities.
• Understand infrastructure dependencies between proxy, firewall, authentication, server, and network environments.
• Support cross-functional troubleshooting and operational coordination activities.

Governance, Compliance & Security Hardening

• Ensure timely closure of VAPT observations related to proxy, Zscaler, and microsegmentation environments.
• Coordinate with internal teams and auditors for closure of audit observations, compliance findings, and security gaps.
• Implement and maintain baseline security policies and hardening standards across security platforms and workloads.
• Perform periodic rule review, rule optimization, policy cleanup, and removal of unused or stale access rules.
• Ensure adherence to security governance standards, compliance requirements, and organizational security policies.
• Review security exceptions, temporary access rules, and policy deviations to minimize security risks.
• Support security assessment activities, compliance audits, and infrastructure security reviews.
• Monitor policy effectiveness and recommend security improvements based on operational and threat analysis.
• Ensure proper documentation of security standards, policy exceptions, operational procedures, and governance controls.
• Coordinate with SOC/SIEM teams for analysis and remediation of suspicious traffic patterns, policy violations, and security alerts.
• Support continuous improvement initiatives related to workload security, proxy governance, and Zero Trust architecture.
• Participate in hardening activities for internet access security, server communication controls, and application access governance.
• Ensure periodic review and validation of whitelist-based communication policies and access controls.
• Drive operational security hygiene activities across Zscaler, Proxy, and microsegmentation environments.

Leadership & Team Management

• Lead and manage teams handling Zscaler, Proxy, and Security operations.
• Drive incident management, RCA preparation, and service improvement initiatives.
• Ensure adherence to SLA, operational governance, and security standards.
• Coordinate with internal teams, OEMs, ISPs, and management stakeholders.
• Mentor team members and support operational planning and task management.
• Participate in infrastructure transformation and security enhancement initiatives.

Required Skills

Mandatory Skills

• Strong hands-on experience in Zscaler: ZIA, ZPA, ZDX
• Experience with Symantec Proxy administration and support.
• Strong understanding of: Secure Web Gateway (SWG), Zero Trust Network Access (ZTNA), Cloud proxy architecture, SSL inspection, Secure remote access, Internet access governance, Cloud security operations
• Strong understanding of Micro segmentation and Zero Trust security concepts.
• Understanding of: East-west traffic security, Lateral movement protection, Whitelist-based workload communication, Application dependency mapping, Process-level traffic visibility and policy creation
• Strong troubleshooting and operational management skills in cloud security and proxy technologies.

Preferred / Additional Skills

• Basic to good understanding of: Cisco Switching & Routing, Cisco NAC, FortiGate Firewall
• Ability to coordinate effectively with Network, Security, Server, and Application teams.

Educational Qualification

• Bachelors Degree in Engineering / Technology / Computer Science / IT.
• Relevant certifications in Cloud Security, Zero Trust Security, Network Security, or Security Technologies will be an added advantage.