Senior Cyber Security Engineer- Zero Trust

About the position At Orlando Health, we are ordinary people with extraordinary individuality, working together to bring help, healing and hope to those we serve. By daily embodying our over 100-year legacy, we reinforce our reputation as a trusted and respected healthcare organization that delivers professional and compassionate care to our patients, families and communities. Through our award-winning hospitals and ERs, specialty institutes, urgent care centers, primary care practices and outpatient facilities, our 27,000+ team members serve communities that span Florida’s east to west coasts and beyond. ORLANDO HEALTH - BENEFITS & PERKS: All Inclusive Benefits (start day one) Student loan repayment, tuition reimbursement, FREE college education programs, retirement savings, paid paternity leave, fertility benefits, back up elder and childcare, pet insurance, PTO/Holidays, and more for full time and part time employees. Forbes Recognizes Orlando Health as a Best-In-State Employer Forbes has named Orlando Health as one of America's Best-In-State Employers for 2024. Orlando Health is the top healthcare organization in the Metro Orlando area to make the prestigious list. "We are proud to be named once again as a best place to work," said Karen Frenier, VP (HR). "This achievement reflects our positive culture and efforts to ensure that all team members feel respected, supported and valued. Employee-centric Orlando Health has been selected as one of the “Best Places to Work in Healthcare” by Modern Healthcare The Senior Cyber Security Engineer provides technical leadership in the design, implementation, and operationalization of Zero Trust Architecture across enterprise on‑premises, cloud, and hybrid environments. This role leads the deployment and optimization of Zscaler and SASE-based security platforms, driving secure access transformation, network modernization, and identity-centric security controls. The engineer partners closely with Security Architecture, IAM, SOC, Network, and Infrastructure teams to implement scalable, policy-driven security solutions that reduce attack surface, improve user experience, and enhance detection and response capabilities. This position plays a critical role in advancing cloud security, secure remote access, and least-privilege access strategies while ensuring alignment with organizational risk, compliance, and resilience objectives. Responsibilities • Lead design, deployment, and optimization of security solutions for on-premises and cloud environments, ensuring alignment with security requirements and best practices. • Lead the design, deployment, and optimization of Zero Trust Architecture, aligning with NIST and industry best practices, including identity-based access, continuous verification, and least-privilege principles. • Engineer and operate the Zscaler technology stack, including: Zscaler Internet Access (ZIA) Zscaler Private Access (ZPA) Zscaler Digital Experience (ZDX) Zscaler Client Connector • Replace legacy perimeter-based security (VPNs, static firewalls) with cloud-native, identity-aware access controls. • Design secure access models for remote users, third parties, and cloud workloads, ensuring consistent policy enforcement regardless of location. • Oversee security network tuning and optimization, proactively identifying vulnerabilities, optimizing system performance, and aligning with strategies conceived by Security Architect. • Resolve complex security issues, ensuring continuous improvement of security protocols. • Drive security standards development and tool/vendor selection to ensure effective security measures. • Recommend and implement security enhancements to strengthen the organization's security posture. • Collaborate with cross-functional teams (SOC, Resiliency, IAM, etc.) to develop and integrate comprehensive security strategies into infrastructure, operations, and incident response frameworks. • High proficiency in network security concepts, such as security event correlation, TCP/IP concepts, DNS, firewall technologies, IPS/IDS, Endpoint protection, routers, switches, perimeter security devices, MFA, encryption and PKI as well as IPSEC and SSL based VPN solutions. • Provide expertise in network concepts & protocols, and for Windows, Linux, macOS, and mobile OS, guiding the team on platform-specific security measures. • Create and maintain automation scripts (Bash, PowerShell, Python) to streamline security tasks. • Stay updated on emerging threats/trends, security laws, principles and practices and proactively adjust strategies. • Serve as a subject matter expert and mentor to junior engineers, providing guidance on complex security practices, technical problem-solving, incident handling, and career development. • Partner with project teams to ensure that security is designed in all technology initiatives. • Aid in the development and refinement of security policies ensuring alignment with regulatory requirements and organizational goals