The final salary or hourly wage, as applicable, paid to each candidate/applicant for this position is ultimately dependent on a variety of factors, including, but not limited to, the candidate’s/applicant’s qualifications, skills, and level of experience as well as the geographical location of the position.

The end client is unable to sponsor or transfer visas for this position; all parties authorized to work in the US without sponsorship are encouraged to apply.

Our client is seeking a Zero Trust Security Engineer x 2 in Northern Virginia, VA/Hybrid.

Role Description

The Zero Trust Security Engineer is responsible for driving the implementation of Zero Trust security rules, including formal requests to firewall teams, ongoing coordination, validation of changes, and post implementation verification.
This role is execution focused and serves as the single point of accountability for ensuring Zero Trust rules are implemented correctly, completely, and auditable across firewall and security platforms.
Rule Implementation & Coordination
• Translate Zero Trust analysis outputs into formal firewall and security rule requests.
• Submit detailed implementation requests to firewall teams, including:
• Source identities (users, groups, roles)
• Destination applications, addresses, and services
• Required ports, protocols, and application IDs
• Ensure requests meet firewall team standards and contain all required technical details.
• Act as the primary liaison between Zero Trust, IAM, firewall engineering, and application teams.
• Track firewall requests from submission through completion.
• Resolve implementation questions, clarifications, or discrepancies with firewall engineers.
• Validate that implemented firewall rules exactly match approved Zero Trust requirements.
• Perform post implementation testing to confirm:
• Authorized access works as expected
• Unauthorized access is blocked
• Identify and remediate misconfigurations, partial implementations, or policy drift.
• Ensure all implemented rules are properly tagged, documented, and traceable to application and Zero Trust requirements.
• Maintain implementation records for audit, compliance, and reporting.
• Support ongoing refinement of Zero Trust rules as application access requirements evolve.

Skills & Requirements

• 5-10 years experience
• experience as a zero trust executor: looking for someone who can validate the ruke matched the original access requirement, NOT someone who handed it off to a separate firewall team after submitting the request
• firewall: deep experience with enterprise firewalls (palo alto preferred)
• someone who can take zero trust outputs, translate them into source identities, destinations, etc and can catch gaps before firewall engineers do
• Can explain how they manage multiple concurrent rule requests
• has done negative testing
• understands IAM (doesnt need someone who can build it, just who deeply understands it)
• Hands on experience working with enterprise firewalls (Palo Alto preferred).
• Strong understanding of user-based and application aware firewall policies.
• Experience submitting and managing firewall rule requests in enterprise environments.
• Ability to validate security rule implementations and troubleshoot access issues.
• Strong coordination and communication skills across technical teams.
• Experience implementing Zero Trust Network Access (ZTNA) solutions.
• Familiarity with IAM, Entra ID groups, AD groups, and RBAC models.
• Experience integrating firewall rules with application onboarding frameworks.
• Knowledge of audit, compliance, and security reporting requirements.

Benefits/Other Compensation

This position is a contract/temporary role where Hays offers you the opportunity to enroll in full medical benefits, dental benefits, vision benefits, 401K and Life Insurance ($20,000 benefit).

Why Hays?

You will be working with a professional recruiter who has intimate knowledge of the industry and market trends. Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.

Nervous about an upcoming interview? Unsure how to write a new resume?

Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.

Hays is committed to building a thriving culture of diversity that embraces people with different backgrounds, perspectives, and experiences. We believe that the more inclusive we are, the better we serve our candidates, clients, and employees. We are an equal employment opportunity employer, and we comply with all applicable laws prohibiting discrimination based on race, color, creed, sex (including pregnancy, sexual orientation, or gender identity), age, national origin or ancestry, physical or mental disability, veteran status, marital status, genetic information, HIV-positive status, as well as any other characteristic protected by federal, state, or local law. One of Hays’ guiding principles is ‘do the right thing’.
We also believe that actions speak louder than words.
In that regard, we train our staff on ensuring inclusivity throughout the entire recruitment process and counsel our clients on these principles. If you have any questions about Hays or any of our processes, please contact us.

In accordance with applicable federal, state, and local law protecting qualified individuals with known disabilities, Hays will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text 813.336.5570.

Drug testing may be required; please contact a recruiter for more information.

#LI-DNI