Principal DevSecOps Engineer

About Zscaler :

Our Engineering team built the world’s largest cloud security platform from the ground up, and we keep building. With more than 100 patents and big plans for enhancing services and increasing our global footprint, the team has made us and our multitenant architecture today's cloud security leader, with more than 15 million users in 185 countries. Bring your vision and passion to our team of cloud architects, software engineers, security experts, and more who are enabling organizations worldwide to harness speed and agility with a cloud-first strategy.

We're looking for an experienced Principal DevSecOps Engineer to join our team reporting to a Director of Engineering, you'll be responsible for :

• Define and evangelize the long-term vision and roadmap for Code Security, integrating security seamlessly into CI / CD pipelines, infrastructure-as-code (IaC), and cloud operations.
• Lead a small team of engineers providing mentorship and education on secure coding practices, threat modeling, and DevSecOps principles and driving them to achieve the long-term roadmap
• In depth experience in securing the code, applications and infrastructure with a strong working experience in Security scanning SAST (e.g., Checkmarx, SonarQube), DAST (e.g., Burp Suite Enterprise, OWASP ZAP), SCA (e.g., BlackDuck, Snyk, Mend), WAF, IDS / IPS, SIEM / SOAR integration
• Rich experience in establishing and delivering cross functional programs for continuous vulnerability assessment, penetration testing that has organization wide impact
• Ensure our systems and practices adhere to industry security standards and regulations (e.g., SOC 2, ISO 27001, GDPR, PCI DSS)
• Experience with compliance checks and evidence collection for audit purposes, and developing and enforcing security policies, standards, and guidelines across engineering

What We're Looking for (Minimum Qualifications)

What Will Make You Stand Out (Preferred Qualifications)