Note: The job is a remote job and is open to candidates in USA. Zscaler is an AI-forward enterprise focused on digital transformation and cybersecurity. They are seeking a Staff Technical Program Manager to serve as the compliance team’s technical subject matter expert, embedding compliance requirements into product and infrastructure delivery while partnering with various teams to translate regulatory obligations into technical standards.
Responsibilities
- Define and maintain enterprise privacy baseline requirements, embedding them into the SDLC by translating regulatory and assurance expectations (e.g., NIST 800-53, FedRAMP/DoD IL5 privacy-relevant controls, and ISO 27701/ISO 42001) into measurable technical criteria and acceptance tests
- Establish standardized privacy-by-design patterns (data minimization, purpose limitation, retention/deletion, privacy-safe telemetry, access controls) and partner with Engineering/Compliance Engineering to automate validation and evidence collection through CI/CD guardrails and policy-as-code
- Conduct privacy architecture reviews and operational readiness assessments to identify data-handling risks (collection, use, sharing, storage, logging), and provide actionable remediation guidance aligned to engineering realities and delivery timelines
- Maintain authoritative data flow diagrams and processing narratives, ensuring data classifications, processing purposes, transfer points, trust boundaries, and retention expectations are current, consistent, and audit-ready
- Evaluate significant changes for impacts to data processing scope, trust boundaries, and authorization boundaries; drive cross-functional alignment across Engineering, Product, Security, and Legal/Privacy stakeholders and ensure decisions are documented for auditability
Skills
- Foundational understanding of AI/ML technologies and experience leveraging, securing, or positioning AI-driven solutions to optimize outcomes within your functional domain
- Bachelor's degree in Computer Science, Information Systems, Engineering, or a related field
- 5+ years of experience in compliance, security architecture, compliance engineering, or technical audit with a focus on translating control requirements into technical verification mechanisms
- Proven experience performing architecture reviews and gap analysis against FedRAMP High or DoD IL5 frameworks
- Proficiency in public cloud services (AWS, Azure, or GCP) paired with a strong track record of producing architecture diagrams, control narratives, and driving outcomes through engineering partnerships
- Experience building automated data governance frameworks or compliance verification systems specifically tailored to generative AI applications and large language model (LLM) data trust boundaries
- Experience building automated control validation systems such as policy-as-code or CI/CD control gates
- Deep familiarity with identity and authorization architectures, trust boundaries, and professional compliance certifications such as CISSP, CISA, CCSP, or specialized cloud security credentials
Benefits
- Various health plans
- Time off plans for vacation and sick time
- Parental leave options
- Retirement options
- Education reimbursement
- In-office perks, and more!
Company Overview
Company H1B Sponsorship