Job Description
Zscaler / SSE Security Engineer (L2 – Assistant Manager)
Products: Zscaler (Proxy) | Forti Gate
Role Level: Assistant Manager – L2
Shift: 24×7
Location: Belapur
Role Overview
We are seeking an experienced Zscaler / Security Engineer to implement and manage a Hybrid Security Service Edge (H‑SSE) environment with Zero Trust Network Architecture (ZTNA) for a large banking enterprise.
The role focuses on designing, implementing, and operating a secure, scalable, resilient, and highly available security architecture , ensuring compliance with RBI, CERT‑In, Indian IT laws , and applicable global regulatory requirements.
Key Responsibilities
1️⃣ Hybrid SSE & Zero Trust Architecture
Design and implement Hybrid SSE (H‑SSE) by integrating:
Cloud‑based SSE platforms
On‑premises security controls
Implement Zero Trust Network Architecture (ZTNA) using:
Identity‑based, role‑based, and context‑aware access
Architect local internet breakout for bank branches and offices
Ensure high availability, redundancy, DR, and scalability
2️⃣ Cloud‑Based Security Service Edge
Deploy and manage cloud‑based SSE to secure:
Internet access
Cloud & Saa S applications
Implement and manage security controls including:
Secure Web Gateway (SWG)
CASB
Firewall‑as‑a‑Service (FWaa S)
Advanced Threat Protection
URL filtering & malware protection
3️⃣ On‑Prem Secure Web Gateway
Design and operate on‑prem SWG for:
Critical servers
Internet‑facing systems
Integrate on‑prem SWG with cloud SSE for unified policy enforcement
4️⃣ Private Access / Cloud VPN
Implement Cloud VPN / Private Application Access
Enable least‑privilege, role‑based access to internal applications
Integrate with:
IAM
MFA
Device posture checks
5️⃣ Data Loss Prevention (DLP)
Implement DLP controls for internet and private application access
Prevent exposure of sensitive data and PII in line with:
RBI & CERT‑In guidelines
Data privacy & data localization mandates
Define and enforce data classification & protection policies
6️⃣ Local Internet Breakout & Global Offices
Enable local internet breakout for branches routed via H‑SSE
Migrate internet proxy solutions for ~10 international offices
Ensure compliance with country‑specific regulatory requirements
7️⃣ Compliance & Governance
Ensure adherence to:
RBI, CERT‑In, Indian IT Act
Applicable international regulatory mandates
Bank Information Security Policy Framework
Support:
Audits
VA/PT
Regulatory inspections
Compliance reporting
8️⃣ Managed Services & Operations (L2)
Provide 24×7 security operations support , including:
Monitoring & incident response
Policy & change management
Define and manage:
SLAs, KPIs, SOPs
Escalation matrices
Coordinate with:
Internal teams
OEMs
Bank stakeholders
Technical Skills Required
SSE / SASE platforms: Zscaler , Palo Alto Prisma, Netskope, Forcepoint
Zero Trust / ZTNA architecture
Secure Web Gateway (Cloud & On‑Prem)
VPN, Private Access & Remote Access Security
DLP (Network / Cloud)
IAM, MFA, SSO integrations
Network Security: Firewalls, Proxies, Routing (Forti Gate preferred)
High Availability & Disaster Recovery
Compliance & Audit Support
Education
BE / ME – Computer / IT / ECE or allied branches
B. Tech / M. Tech – Computer / IT / ECE
MCA
MSc – Computer / IT & allied branches
Certifications (Preferred)
CCSP
AZ‑305 (Azure Solutions Architect Expert)
AWS Certified Solutions Architect
GCP Professional Cloud Certifications
OEM certifications (Professional / Advanced / Expert) in SSE / Cloud Security
Experience
5+ years total experience
3+ years hands‑on experience in implementing and managing SSE / SASE solutions
Products: Zscaler (Proxy) | Forti Gate
Role Level: Assistant Manager – L2
Shift: 24×7
Location: Belapur
Role Overview
We are seeking an experienced Zscaler / Security Engineer to implement and manage a Hybrid Security Service Edge (H‑SSE) environment with Zero Trust Network Architecture (ZTNA) for a large banking enterprise.
The role focuses on designing, implementing, and operating a secure, scalable, resilient, and highly available security architecture , ensuring compliance with RBI, CERT‑In, Indian IT laws , and applicable global regulatory requirements.
Key Responsibilities
1️⃣ Hybrid SSE & Zero Trust Architecture
Design and implement Hybrid SSE (H‑SSE) by integrating:
Cloud‑based SSE platforms
On‑premises security controls
Implement Zero Trust Network Architecture (ZTNA) using:
Identity‑based, role‑based, and context‑aware access
Architect local internet breakout for bank branches and offices
Ensure high availability, redundancy, DR, and scalability
2️⃣ Cloud‑Based Security Service Edge
Deploy and manage cloud‑based SSE to secure:
Internet access
Cloud & Saa S applications
Implement and manage security controls including:
Secure Web Gateway (SWG)
CASB
Firewall‑as‑a‑Service (FWaa S)
Advanced Threat Protection
URL filtering & malware protection
3️⃣ On‑Prem Secure Web Gateway
Design and operate on‑prem SWG for:
Critical servers
Internet‑facing systems
Integrate on‑prem SWG with cloud SSE for unified policy enforcement
4️⃣ Private Access / Cloud VPN
Implement Cloud VPN / Private Application Access
Enable least‑privilege, role‑based access to internal applications
Integrate with:
IAM
MFA
Device posture checks
5️⃣ Data Loss Prevention (DLP)
Implement DLP controls for internet and private application access
Prevent exposure of sensitive data and PII in line with:
RBI & CERT‑In guidelines
Data privacy & data localization mandates
Define and enforce data classification & protection policies
6️⃣ Local Internet Breakout & Global Offices
Enable local internet breakout for branches routed via H‑SSE
Migrate internet proxy solutions for ~10 international offices
Ensure compliance with country‑specific regulatory requirements
7️⃣ Compliance & Governance
Ensure adherence to:
RBI, CERT‑In, Indian IT Act
Applicable international regulatory mandates
Bank Information Security Policy Framework
Support:
Audits
VA/PT
Regulatory inspections
Compliance reporting
8️⃣ Managed Services & Operations (L2)
Provide 24×7 security operations support , including:
Monitoring & incident response
Policy & change management
Define and manage:
SLAs, KPIs, SOPs
Escalation matrices
Coordinate with:
Internal teams
OEMs
Bank stakeholders
Technical Skills Required
SSE / SASE platforms: Zscaler , Palo Alto Prisma, Netskope, Forcepoint
Zero Trust / ZTNA architecture
Secure Web Gateway (Cloud & On‑Prem)
VPN, Private Access & Remote Access Security
DLP (Network / Cloud)
IAM, MFA, SSO integrations
Network Security: Firewalls, Proxies, Routing (Forti Gate preferred)
High Availability & Disaster Recovery
Compliance & Audit Support
Education
BE / ME – Computer / IT / ECE or allied branches
B. Tech / M. Tech – Computer / IT / ECE
MCA
MSc – Computer / IT & allied branches
Certifications (Preferred)
CCSP
AZ‑305 (Azure Solutions Architect Expert)
AWS Certified Solutions Architect
GCP Professional Cloud Certifications
OEM certifications (Professional / Advanced / Expert) in SSE / Cloud Security
Experience
5+ years total experience
3+ years hands‑on experience in implementing and managing SSE / SASE solutions
Apply for this Position
Ready to join ? Click the button below to submit your application.
Submit Application