• Realizar novas implementações disponíveis na solução OneTrust; • Aplicar melhorias; • Atendimento a demandas do cliente; • Monitoramento da aplicação OneTrust; • Suporte em mudanças e novas configurações; • Apoio em auditorias; • Apoio na resposta aos titulares na ferramenta OneTrust; • Elaborar relatórios e indicadores.

• Support CISA's implementation of Zero Trust architecture in alignment with the CISA Zero Trust Maturity Model (ZTMM), DoD Zero Trust Strategy, and NIST SP 800-207. • Define, develop, and maintain Zero Trust policies and standards to ensure consistent adoption across the FCEB community and partner organizations. • Drive execution and maintenance of CISA's Zero Trust Roadmap, tracking implementation milestones, resolving blockers, and advancing mission-critical deliverables in support of CISA's cybersecurity mission. • Conduct assessments of agency systems to identify capability gaps across ZT pillars. • Identity, device, network, application, and data. • Develop actionable remediation recommendations for FCEB agencies. • Develop dashboards, metrics, and reports that communicate ZT maturity levels and system risk posture to senior stakeholders and decision-makers. • Collaborate with government and commercial stakeholders to design and implement a cohesive Zero Trust framework aligned to organizational and mission objectives. • Lead and facilitate interagency working groups to synchronize ZT efforts, share best practices, and drive coordinated implementation across government and industry partners.

Role Description We are seeking a skilled Zscaler Engineer with a background in networking and security to design, implement, and manage Zscaler cloud security solutions. The ideal candidate will have a working knowledge of Palo Alto Networks and Cisco firewalls to ensure robust network security postures for our organization and clients. CLT and fully remote position. Must reside in Brazil. Benefits include: - Health and dental insurance - Meal and restaurant vouchers - Fixed monthly stipend for internet and mobile expenses - Company-issued device Responsibilities - Zscaler Implementation: Deploy, configure, and optimize Zscaler solutions (ZIA, ZPA, ZCC, and ZDX) to enforce zero-trust security policies and enable secure access to applications. - Firewall Management: Configure and manage Palo Alto Networks and Cisco firewalls with a working knowledge to enforce security policies, perform threat prevention, and ensure network segmentation. - Network Security: Monitor and troubleshoot network security issues, ensuring compliance with industry standards and best practices. - Policy Optimization: Develop and fine-tune security policies across Zscaler and firewalls to align with business needs and security requirements. - Incident Response: Investigate and respond to security incidents as an SME for Zscaler and firewalls. - Documentation & Training: Create detailed technical documentation and provide training to internal teams on Zscaler and related technologies. - Collaboration: Work closely with network, security, and application teams to integrate Zscaler solutions into existing infrastructure. - Stay Current: Keep abreast of emerging threats, industry trends, and advancements in Zscaler, Palo Alto, Cisco, and related technologies. Qualifications - Education: Associate Degree, or, Technologo (Technologist) Degree, or higher preferred. - Experience: - 5+ years of experience in networking and security engineering. - 2+ years of hands-on experience with Zscaler (ZIA, ZPA, ZCC, and ZDX). - Proven working knowledge in configuring and managing Palo Alto Networks firewalls (PA and VM-Series, Panorama). - Proven working knowledge in configuring and managing Cisco firewalls. - Certifications (preferred): - Zscaler Certified Cloud Professional - Private Access (ZCCP-PA). - Zscaler Certified Cloud Professional - Internet Access (ZCCP-IA). - Palo Alto Networks Certified Network Security Administrator (PCNSA). - Cisco Certified Network Associate (CCNA). - Technical Skills: - Deep understanding of networking protocols (TCP/IP, DNS, DHCP, BGP, OSPF). - Proficiency in firewall policy management, NAT, VPN, and threat prevention. - Familiarity with Cisco ISE for 802.1X, TACACS+, and guest access solutions. - Familiarity with cloud security concepts and SASE (Secure Access Service Edge) frameworks. - Knowledge of scripting (Python, Bash) for automation is a plus. - Soft Skills: - Strong problem-solving and analytical skills. - Excellent communication and collaboration abilities. - Ability to work independently and manage multiple priorities in a fast-paced environment. Preferred Qualifications - Experience with other SASE or SSE platforms (e.g., Prisma Access). - Knowledge of cloud platforms (AWS, Azure, GCP, OCI) and their security controls. - Familiarity with SIEM tools (e.g., Splunk, Exabeam) and endpoint security solutions. - Previous experience in a customer-facing or consulting role. Benefits - Health and dental insurance - Meal and restaurant vouchers - Fixed monthly stipend for internet and mobile expenses - Company-issued device

• Manage security assessments for a variety of applications and domains, including cloud computing environments • Lead multiple large, complex, high-risk security assessment initiatives concurrently • Implement security controls and verify control effectiveness in alignment with NIST RMF and ISO standards • Conduct risk assessments and document compliance measures to meet organizational and regulatory requirements • Evaluate, validate, and support documentation required for A&A and accreditation activities for new and existing IT systems • Ensure appropriate treatment of risk, compliance, and assurance from internal and external perspectives • Support development of actionable security blueprints, principles, models, designs, standards, and guidelines • Apply security architecture principles and best practices to help design and maintain secure IT infrastructures aligned to A&A policies • Use network and vulnerability scanning tools to interrogate systems for configuration and security status • Utilize GRC tools to manage and track A&A workflows, artifacts, and approvals • Serve as an A&A subject matter expert, providing guidance to stakeholders, business units, and new A&A resources • Build and maintain schedules and step-by-step action plans; brief cross-functional teams and executives on status and risk