Security Architect, Agentic AI

About Zscaler Zscaler accelerates digital transformation to ensure our customers can be more agile, efficient, resilient, and secure. As an AI-forward enterprise , we are constantly pushing the envelope, leveraging the world’s largest security data lake to power our cloud-native Zero Trust Exchange platform. This innovation protects our customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Here, impact in your role matters more than title and trust is built on results. We say, impact over activity. We seek innovators who actively use AI to amplify their impact and who thrive in an environment where we leverage intelligent systems to stay ahead of evolving threats. We believe in transparency and value constructive, honest debate —we’re focused on getting to the best ideas, faster. We build high-performing teams that can make an impact quickly and with high quality. To do this, we are building a culture of execution centered on customer obsession , collaboration, ownership, and accountability. We value high-impact, high-accountability with a sense of urgency where you’re enabled to do your best work and embrace your potential. If you’re driven by purpose, thrive on solving complex challenges, and want to be part of the team that’s helping to secure the AI age, we invite you to bring your talents to Zscaler and help shape the future of cybersecurity. We are looking for an Agentic AI - Architect/Security Engineer to join our Exposure Management & Security Operations team. This is a fully remote U.S. role, reporting to the VP, Information Security Engineering. We’re looking for a hands-on Security Architect/Engineer to build and ship security capabilities for agentic AI systems—LLM apps that plan, use tools, manage memory, and leverage enterprise data. This is an implementation-focused role where you will deliver production code, secure building blocks, and reference implementations for both IT and Product teams. What you’ll do (Role Expectations) Build secure agent runtimes, libraries, and reference implementations while implementing core agent patterns like planner/executor, tool routing, and RAG boundaries Build and secure MCP servers, clients, tool registries, and connector patterns with robust authentication, authorization, and audit logging Enforce secure-by-default controls including schema validation, tool allowlists, redaction, and policy checks Threat model and test agent workflows for prompt injection and data exfiltration to build repeatable security evaluations Who You Are (Success Profile) You thrive in ambiguity and are comfortable building the path as you walk it, seeing uncertainty as the raw material to build something meaningful. You act like an owner with a passion for the mission and a bias for action, navigating seamlessly between strategy and hands-on execution. You are a problem-solver who seeks out challenges and is energized by finding solutions that deliver the biggest impact. You are a high-trust collaborator who is ambitious for the team and embraces a challenge culture through candid, respectful feedback. You operate with urgency and understand that speed and quality are not mutually exclusive in a high-growth environment. What We’re Looking for (Minimum Qualifications) Extensive experience designing and implementing agent runtimes including planning, tool calling, and memory/state controls 8+ years of experience shipping production security engineering solutions with strong coding skills in Python, TypeScript, or Node Practical experience integrating frontier model APIs with structured outputs, streaming, and safety controls Familiarity with agent frameworks such as LangGraph, LangChain, or Semantic Kernel and the ability to extend them securely Solid experience in cloud security for AWS, GCP, or Azure along with Kubernetes security and Infrastructure as Code What Will Make You Stand Out (Preferred Qualifications) Familiarity with OWASP LLM Top 10, MITRE ATLAS, or the NIST AI RMF Experience building red-team style testing or evaluation harnesses for LLM applications and agents Strong background in data security for RAG, including retrieval authorization and tenancy boundaries #LI-Remote #LI-JM1 Zscaler’s salary ranges are benchmarked and are determined by role and level. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations and could be higher or lower based on a multitude of factors, including job-related skills, experience, and relevant education or training. The base salary range listed for this full-time position excludes commission/ bonus/ equity (if applicable) + benefits. Base Pay Range $182,000 — $260,000 USD At Zscaler, we are committed to building a team that reflects the communities we serve and the customers we work with. We foster an inclusive e