Zero Trust Operations Engineer
Charles Schwab · Austin, TX · 1 wk ago
HybridEngineeringFull-time
Core Responsibilities
- Own and lead the response to complex Zero Trust related service degradations, incidents, and systemic issues, setting technical direction for triage, prioritization, and resolution across teams.
- Independently investigate and resolve highly complex connectivity, access, and performance issues across Zero Trust network and cloud security platforms by synthesizing logs, telemetry, diagnostics, and cross-domain data.
- Serve as a technical incident leader and escalation authority for high-severity or high-impact incidents, directing containment, coordinating multi-team response efforts, driving root cause analysis, and ensuring durable corrective actions.
- Set the standard for stakeholder communication during major incidents, translating technical detail into clear impact assessments, executive-level updates, and remediation strategies.
- Design, validate, and implement high-risk or high-impact configuration and architectural changes to Zero Trust platforms, ensuring alignment with security strategy, operational resilience, and user experience goals.
- Lead the evolution of policy models, access controls, and segmentation approaches aligned to Zero Trust and least-privilege principles, proactively identifying simplification and risk-reduction opportunities.
- Own pre- and post-change validation strategy, including user experience testing, regression analysis, and risk assessment for changes with broad or ambiguous impact.
- Enforce change quality standards, ensuring complete implementation records, rollback strategies, and audit-ready documentation for complex changes.
- Provide technical leadership for platform stability and resilience, identifying systemic risks, performance bottlenecks, and failure patterns before they impact users.
- Drive proactive monitoring and telemetry improvements, shaping alerting strategies and dashboards that surface actionable signals rather than reactive noise.
- Translate short-term mitigations into long-term improvements, influencing architecture, tooling, automation, and operational processes to reduce recurring risk.
- Partner with engineering and architecture teams to drive enhancements to Zero Trust services that improve resilience, scalability, and security posture.
- Own and evolve operational runbooks, troubleshooting frameworks, and incident response practices, ensuring they scale across teams and remain aligned with real-world operations.
- Apply senior-level technical judgment in ambiguous or high-stakes scenarios, balancing security, availability, user experience, and business priorities without prescriptive guidance.
- Author and maintain authoritative documentation including design references, operational procedures, incident analyses, and platform diagrams used as sources of truth.
- Ensure operational knowledge is durable and transferable, enabling operations, engineering, and support teams to resolve issues with minimal escalation.
- Act as a trusted technical partner to network, identity, endpoint, DevSecOps, cloud, and SOC teams, influencing outcomes through expertise rather than authority.
- Represent Zero Trust Operations as a senior technical voice in cross-functional forums, articulating risk, tradeoffs, and technical constraints to leadership and partners.
- Identify, design, and implement automation and AI-assisted solutions (e.g., Microsoft Copilot) to reduce manual effort, accelerate diagnostics, and scale operational effectiveness.
- Mentor and develop peers through technical guidance, design reviews, incident leadership, and knowledge sharing, elevating overall team capability.
- Pursue ongoing professional development and certifications, aligning skill growth with evolving Zero Trust technologies and organizational priorities.
Qualifications
- 5+ years of experience in cybersecurity
- 3+ years of direct operational support experience with Zero Trust solutions (ZTNA, CASB, SWG, SASE, etc.)
- Working knowledge of networking fundamentals, and cloud security knowledge & concepts
- Automation experience desired (Python, scripts, Ansible, Salt, etc.)
- 4-year college degree in Computer Science or Cybersecurity (or equivalent)
- Security certifications (Security+, CASP+, GSEC, SSCP, CDPSE, GIAC/SANS, or equivalent)
- Zero Trust vendor certifications
- Network certifications (Network+, CCIE, CCNA, CCNP, or equivalent)