[Remote] Staff Technical Program Manager - Compliance Architecture
Note: This is a remote job open to candidates in the USA. Zscaler is a leading AI-forward enterprise focused on digital transformation and cybersecurity. They are seeking a Staff Compliance Architect to serve as a technical subject matter expert, embedding compliance requirements into product and infrastructure delivery while collaborating with various engineering teams.
Responsibilities
- Define and maintain enterprise privacy baseline requirements, embedding them into the SDLC by translating regulatory and assurance expectations (e.g., NIST 800-53, FedRAMP/DoD IL5 privacy-relevant controls, and (as applicable) ISO 27701/ISO 42001) into measurable technical criteria and acceptance tests
- Establish standardized privacy-by-design patterns (data minimization, purpose limitation, retention/deletion, privacy-safe telemetry, access controls) and partner with Engineering/Compliance Engineering to automate validation and evidence collection through CI/CD guardrails and policy-as-code
- Conduct privacy architecture reviews and operational readiness assessments to identify data-handling risks (collection, use, sharing, storage, logging), and provide actionable remediation guidance aligned to engineering realities and delivery timelines
- Maintain authoritative data flow diagrams and processing narratives, ensuring data classifications, processing purposes, transfer points, trust boundaries, and retention expectations are current, consistent, and audit-ready
- Evaluate significant changes for impacts to data processing scope, trust boundaries, and authorization boundaries; drive cross-functional alignment across Engineering, Product, Security, and Legal/Privacy stakeholders and ensure decisions are documented for auditability
Skills
- Bachelor's degree in Computer Science, Information Systems, Engineering, or a related field
- 5+ years of experience in compliance, security architecture, compliance engineering, or technical audit with a focus on translating control requirements into technical verification mechanisms
- Proven experience performing architecture reviews and gap analysis against FedRAMP High or DoD IL5 frameworks
- Proficiency in public cloud services (AWS, Azure, or GCP) and the ability to produce architecture diagrams and associated control narratives
- Strong track record of driving outcomes through influence and effective partnership with engineering teams
- Experience building automated control validation systems such as policy-as-code or CI/CD control gates
- Deep familiarity with identity and authorization architectures, specifically regarding trust boundaries and authorization model changes
- Professional certifications such as CISSP, CISA, CCSP, or specialized cloud security certifications
Benefits
- Various health plans
- Time off plans for vacation and sick time
- Parental leave options
- Retirement options
- Education reimbursement
- In-office perks, and more!