Staff Information Security Engineer (Vulnerability Management) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Zscaler · 1 day ago

Staff Information Security Engineer (Vulnerability Management)

positionCrystal City, Virginia, USA
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$116K/yr - $165K/yr
date5+ years exp

Zscaler is a pioneer and global leader in zero trust security. They are seeking a Staff Information Security Engineer to join their Engineering team, focusing on vulnerability management within a U.S. Federal IL6 environment.

Cloud SecurityCyber SecurityEnterprise SoftwareSecurity
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Design and execute authenticated and unauthenticated network and host scanning using IL6-approved tools like Tenable.sc or Nessus Manager within air-gapped environments
Build Python, Go, or PowerShell automations for scan orchestration, asset onboarding, policy tuning, and diode-ready reporting formats
Drive collaboration with IL6 service owners to eliminate exploitable risks and manage comprehensive patch and hardening campaigns
Produce weekly and monthly reporting aligned to IL6 program cadence and diode data transfer policies
Maintain essential documentation including runbooks, SOPs, exception governance, and change control processes within the SCIF environment

Qualification

Vulnerability ManagementTenable.sc/Nessus ManagerScripting in PythonCSPM conceptsWeb Application ScanningDoD 8570/8140 IAT Level IICloud platforms understandingGoPowerShellFedRAMP High/Moderate operationsJiraServiceNow

Required

U.S. citizenship and a current, active U.S. Top Secret (TS) clearance
5+ years of experience in one or more of the following: Vulnerability Management
Experience with Tenable.sc/Nessus Manager or equivalents
Experience with CSPM concepts and/or Web Application Scanning (WAS) methodologies with solid understanding of risk-based prioritization (CVSS, EPSS), remediation lifecycle, and SLA governance
Scripting skills in Python, Go, or PowerShell for automation in disconnected environments

Preferred

DoD 8570/8140 IAT Level II certification such as Security+ CE, GSEC, SSCP, or CySA+
Understanding of cloud and container platforms adapted to classified environments including AWS C2S/SC2S constructs, ECS/Kubernetes, and VM hardening
Exposure to FedRAMP High/Moderate operations and ticketing management in isolated environments using Jira or ServiceNow

Benefits

Various health plans
Time off plans for vacation and sick time
Parental leave options
Retirement options
Education reimbursement
In-office perks, and more!

Company

Zscaler

twittertwittertwitter
Glassdoor4.0
company-logo
Zscaler is a global cloud-based information security company that enables secure digital transformation for mobile and cloud.
dateFounded in 2008
location
San Jose, California, USA
people-size5001-10000 employees
web-link
https://www.zscaler.com

Funding

Current Stage
Public Company
Total Funding
$1.67B
Key Investors
TPG GrowthLightspeed Venture Partners
2025-07-01Post Ipo Debt· $1.5B
2024-04-23Post Ipo Equity· $22.7M
2018-03-16IPO

Leadership Team

leader-logo
Jay Chaudhry
CEO, Chairman & Founder
linkedin
leader-logo
Hemant Dabke
Area Vice President
linkedin

Recent News

The Motley Fool
The Motley Fool Interviews Zscaler Founder and CEO Jay Chaudhry
2026-01-22
Techcircle
Zscaler appoints Swamy Kocherlakota to lead Agentic AI security engineering
2026-01-20
Investing.com
Zscaler investors fire warning shot at management with board declassification vote
2026-01-17
Company data provided by crunchbase