What are the responsibilities and job description for the Network Administrator position at Cypress HCM?
Overview
- We are seeking a Senior Zscaler Network Engineer (Contractor) to enhance our current Zscaler rollout capacity and strengthen day-to-day operational support. This role will focus on Zscaler Internet Access (ZIA), Zscaler Private Access (ZPA), and their integration with Palo Alto firewalls, Cisco networking, and Okta.
- The engineer will work closely with an existing Principal Network Engineer (FTE) and the broader network/security teams to:
- Scale and optimize our ZIA and ZPA deployments
- Troubleshoot complex, day-to-day Zscaler and network issues
- Own technical intake and assessment for new Zscaler-related projects from internal organizations
- Mentor and upskill other team members on Zscaler and related network and identity technologies
- The ideal candidate is Zscaler-certified, highly hands-on, and comfortable in a fast-paced enterprise environment. The position is hybrid, with approximately half of the time spent onsite at our Pleasanton, CA HQ and half working remotely.
- Rollout & Implementation (ZIA / ZPA)
- Execute and enhance the rollout of ZIA and ZPA for users, sites, and applications in partnership with the Principal Network Engineer (FTE).
- Implement and refine Zscaler policies, traffic forwarding methods (including PAC files, GRE/IPsec tunnels, and Zscaler Client Connector), and configurations to support new locations, user groups, and applications.
- Contribute to implementation plans, change requests, and repeatable runbooks to ensure consistent, high-quality deployments.
- Integration with Palo Alto, Cisco, and Okta
- Integrate and optimize Zscaler with Palo Alto firewalls and Cisco network infrastructure (routing, switching, SD-WAN/VPN) for secure internet egress and private access.
- Implement and maintain Okta integration for authentication, SSO, and user/group-based policy enforcement in Zscaler.
- Work with security and identity teams to align policies across Zscaler, Palo Alto, Cisco, and Okta.
- Serve as a senior escalation point for Zscaler-related incidents and requests.
- Perform detailed troubleshooting across endpoints, Cisco network paths, Palo Alto firewalls, Zscaler (ZIA/ZPA), and applications to resolve connectivity, performance, and policy issues.
- Collaborate with internal teams and vendors to drive issues to root cause and permanent remediation.
- Improve monitoring, logging, and alerting for ZIA and ZPA, leveraging existing tools and SIEM integrations.
- Act as a technical contact for new project intake where Zscaler is a dependency (e.g., onboarding new applications to ZPA, new sites or user groups to ZIA, or new security requirements).
- Assess requirements from internal teams, identify Zscaler, Palo Alto, Cisco, and Okta impacts, and propose appropriate technical designs and implementation approaches.
- Provide effort estimates, dependencies, and clear technical tasks to support project planning and execution.
- Mentor and coach other network and security engineers on ZIA, ZPA, Palo Alto, Cisco, and Okta integrations.
- Share best practices through documentation, knowledge-transfer sessions, and active participation in design and review discussions.
- Help standardize operational procedures, troubleshooting playbooks, and checklists for the broader team.
- Maintain and improve technical documentation for Zscaler deployments, policies, integrations, and operational workflows.
- Contribute to standards for Zscaler configuration, change management, and overall security posture across Zscaler, Palo Alto, Cisco, and Okta.
- Current Zscaler certification (e.g., Zscaler Certified Associate / Professional / Architect or equivalent).
- Practical experience integrating Zscaler with: Palo Alto firewalls Cisco networking (routing, switching, VPN/SD-WAN) Okta for identity, SSO, and group-based access - Need to know and have worked around them - Cisco
- Solid understanding of: TCP/IP, DNS, HTTP/HTTPS, SSL/TLS Routing, switching, VPNs, and SD-WAN Zero Trust Network Access (ZTNA) principles and secure remote access patterns
- Zscaler Internet Access (ZIA)
- Zscaler Private Access (ZPA)
- years of experience in network engineering in medium-to-large enterprise environments.
- Strong, hands-on experience deploying and supporting Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) in production.
- Current Zscaler certification (e.g., Zscaler Certified Associate / Professional / Architect or equivalent).
- Practical experience integrating Zscaler with:
- Palo Alto firewalls
- Cisco networking (routing, switching, VPN/SD-WAN)
- Okta for identity, SSO, and group-based access
- Solid understanding of:
- TCP/IP, DNS, HTTP/HTTPS, SSL/TLS
- Routing, switching, VPNs, and SD-WAN
- Zero Trust Network Access (ZTNA) principles and secure remote access patterns
- Proven ability to troubleshoot complex network and security issues using logs, packet captures, and systematic analysis across multiple platforms (Zscaler, Palo Alto, Cisco, Okta).
- Strong communication skills, with the ability to interact effectively with engineers, project managers, and non-technical stakeholders.
- Demonstrated experience mentoring or supporting less-experienced engineers.
- working alongside Principal/Lead Network Engineers or Architects on large-scale network/security rollouts.
- Familiarity with automation and scripting (e.g., Python, Terraform, Ansible or similar) to support network and security operations.
- Experience in hybrid or multi-cloud environments and remote-first user populations.
- Background in regulated or security-sensitive industries.
- $70-75/hr (W2 hourly)
Salary : $70 - $75