Zero Trust Security Engineer

Job Description

Start date – 6/1/2026.
Location: Vienna, VA – 3 days a week onsite, 2 days remote.
The Zero Trust Security Engineer is responsible for driving the implementation of Zero Trust security rules, including formal requests to firewall teams, ongoing coordination, validation of changes, and post‑implementation verification. This role is execution‑focused and serves as the single point of accountability for ensuring Zero Trust rules are implemented correctly, completely, and auditable across firewall and security platforms.

Key Responsibilities

Rule Implementation & Coordination

• Translate Zero Trust analysis outputs into formal firewall and security rule requests.
• Submit detailed implementation requests to firewall teams, including:
  • Source identities (users, groups, roles)
  • Destination applications, addresses, and services
  • Required ports, protocols, and application IDs
• Ensure requests meet firewall team standards and contain all required technical details.

Cross‑Team Execution

• Act as the primary liaison between Zero Trust, IAM, firewall engineering, and application teams.
• Track firewall requests from submission through completion.
• Resolve implementation questions, clarifications, or discrepancies with firewall engineers.

Validation & Verification

• Validate that implemented firewall rules exactly match approved Zero Trust requirements.
• Perform post‑implementation testing to confirm:
  • Authorized access works as expected
  • Unauthorized access is blocked
• Identify and remediate misconfigurations, partial implementations, or policy drift.

Audit & Lifecycle Management

• Ensure all implemented rules are properly tagged, documented, and traceable to application and Zero Trust requirements.
• Maintain implementation records for audit, compliance, and reporting.
• Support ongoing refinement of Zero Trust rules as application access requirements evolve.

Required Skills & Experience

• Hands‑on experience working with enterprise firewalls (Palo Alto preferred).
• Strong understanding of user‑based and application‑aware firewall policies.
• Experience submitting and managing firewall rule requests in enterprise environments.
• Ability to validate security rule implementations and troubleshoot access issues.
• Strong coordination and communication skills across technical teams.

Preferred Qualifications

• Experience implementing Zero Trust Network Access (ZTNA) solutions.
• Familiarity with IAM, Entra ID groups, AD groups, and RBAC models.
• Experience integrating firewall rules with application onboarding frameworks.
• Knowledge of audit, compliance, and security reporting requirements.

Success Looks Like

• Firewall rules are requested properly and implemented correctly the first time.
• Clean handoffs with minimal back‑and‑forth.
• Verified, auditable Zero Trust enforcement across the environment.