Principal Security Researcher

Position Overview

• Location Type: Remote
• Job Type: Full-time
• Salary: $154,000 - $220,000 USD (Base Pay Range, excludes commission/bonus/equity + benefits)

Zscaler is seeking a Principal Security Researcher to join its Engineering team. Reporting to the Senior Director of Information Security, this role is crucial for maintaining and enhancing the security of Zscaler's cloud platform.

About Zscaler

Zscaler is a global leader in cloud security, protecting thousands of enterprise customers, including 40% of Fortune 500 companies. Founded in 2007, Zscaler operates the world's largest security cloud, enabling digital transformation by making the cloud a safe and enjoyable place for enterprise users. The Zscaler Zero Trust Exchange™ platform secures users, devices, and applications across all locations. Recognized as a Best Workplace in Technology, Zscaler fosters an inclusive and collaborative culture for bright minds in the industry. The Engineering team has built and continues to enhance the world's largest cloud security platform, holding over 100 patents and serving over 15 million users in 185 countries.

Responsibilities

• Oversee the full lifecycle of the Public Key Infrastructure (PKI) environment, including Certificate Authorities (CAs), Intermediate CAs, CRLs, OCSP services, and HSMs.
• Manage certificate lifecycle operations such as issuance, renewal, expiration monitoring, and revocation to prevent service disruptions.
• Ensure PKI operations adhere to security policies, regulatory requirements, and cryptographic standards (e.g., TLS, RSA, ECC, HMAC).
• Develop automation solutions to streamline certificate management at scale.
• Collaborate with engineering, product, IT, DevOps, and security teams to integrate cryptographic best practices into systems and products.

Minimum Qualifications

• 8+ years of experience in managing PKI operations, certificates, or cryptographic security in production environments.
• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
• Proficiency in Public Key Infrastructure (PKI) concepts, cryptographic protocols (e.g., TLS/SSL, RSA, ECC), and certificate lifecycle management.
• Hands-on experience managing Certificate Authorities (CA), HSMs, and PKI tools (e.g., Microsoft CA, EJBCA, or equivalent).
• Scripting knowledge (Python, Bash, or PowerShell) for automation and integration.

Preferred Qualifications

• Expertise in securing PKI operations within cloud-native environments (e.g., AWS Certificate Manager, Azure Key Vault, Google Cloud KMS).
• Advanced understanding of emerging cryptographic algorithms (e.g., post-quantum cryptography).
• Experience integrating PKI systems into CI/CD pipelines and modern product lifecycles.

Application Instructions

• To apply, please refer to the job posting on Zscaler's career page. (Note: Specific application instructions were not provided in the original text, this is a placeholder).

Company Information

• Company: Zscaler
• Website: [Zscaler Website - Not provided in original text]
• Culture: Inclusive, supportive, fast-paced, collaborative.