We are looking for an Agentic AI - Architect/Security Engineer to join our Exposure Management & Security Operations team. This is a fully remote U.S. role, reporting to the VP, Information Security Engineering. We're looking for a hands-on Security Architect/Engineer to build and ship security capabilities for agentic AI systems-LLM apps that plan, use tools, manage memory, and leverage enterprise data. This is an implementation-focused role where you will deliver production code, secure building blocks, and reference implementations for both IT and Product teams. What you'll do (Role Expectations) • Build secure agent runtimes, libraries, and reference implementations while implementing core agent patterns like planner/executor, tool routing, and RAG boundaries • Build and secure MCP servers, clients, tool registries, and connector patterns with robust authentication, authorization, and audit logging • Enforce secure-by-default controls including schema validation, tool allowlists, redaction, and policy checks • Threat model and test agent workflows for prompt injection and data exfiltration to build repeatable security evaluations Who You Are (Success Profile) • You thrive in ambiguity and are comfortable building the path as you walk it, seeing uncertainty as the raw material to build something meaningful. • You act like an owner with a passion for the mission and a bias for action, navigating seamlessly between strategy and hands-on execution. • You are a problem-solver who seeks out challenges and is energized by finding solutions that deliver the biggest impact. • You are a high-trust collaborator who is ambitious for the team and embraces a challenge culture through candid, respectful feedback. • You operate with urgency and understand that speed and quality are not mutually exclusive in a high-growth environment. What We're Looking for (Minimum Qualifications) • Extensive experience designing and implementing agent runtimes including planning, tool calling, and memory/state controls • 8+ years of experience shipping production security engineering solutions with strong coding skills in Python, TypeScript, or Node • Practical experience integrating frontier model APIs with structured outputs, streaming, and safety controls • Familiarity with agent frameworks such as LangGraph, LangChain, or Semantic Kernel and the ability to extend them securely • Solid experience in cloud security for AWS, GCP, or Azure along with Kubernetes security and Infrastructure as Code What Will Make You Stand Out (Preferred Qualifications) • Familiarity with OWASP LLM Top 10, MITRE ATLAS, or the NIST AI RMF • Experience building red-team style testing or evaluation harnesses for LLM applications and agents • Strong background in data security for RAG, including retrieval authorization and tenancy boundaries #LI-Remote #LI-JM1 Zscaler's salary ranges are benchmarked and are determined by role and level. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations and could be higher or lower based on a multitude of factors, including job-related skills, experience, and relevant education or training. The base salary range listed for this full-time position excludes commission/ bonus/ equity (if applicable) + benefits. Base Pay Range $182,000-$260,000 USD Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including: • Various health plans • Time off plans for vacation and sick time • Parental leave options • Retirement options • Education reimbursement • In-office perks, and more! Learn more about Zscaler's Future of Work strategy, hybrid working model, and benefits here.