Zscaler

Staff Technical Program Manager - Compliance Architecture

Zscaler$119K — $170K *
US-AnywhereRemote in United States
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, Information Systems, Engineering, or related field.
  • 5+ years in compliance, security architecture, compliance engineering, or technical audit.
  • Foundational understanding of AI/ML technologies and securing AI-driven solutions.
  • Proficiency in public cloud services (AWS, Azure, GCP) with experience in architecture diagrams and control narratives.
  • Experience performing architecture reviews against FedRAMP High or DoD IL5 frameworks.

Responsibilities

  • Define and maintain enterprise privacy baseline requirements embedded in the SDLC.
  • Establish standardized privacy-by-design patterns in collaboration with Engineering/Compliance Engineering.
  • Conduct privacy architecture reviews and operational readiness assessments to identify data-handling risks.
  • Maintain authoritative data flow diagrams and processing narratives for audit readiness.
  • Evaluate significant changes for potential impacts on data processing scope and drive cross-functional alignment.

Benefits

  • Various health plans
  • Time off plans for vacation and sick time
  • Parental leave options
  • Retirement options
  • Education reimbursement
  • In-office perks and more!
Full Job Description
Role

We are looking for a Staff Compliance Architect to join our team. This is a Remote (if located outside of the San Jose, CA area) or Hybrid (based in San Jose, CA) role, reporting to the Director, Technology Risk and Compliance in the Exposure Management & Security Operations department. Zscaler is seeking an experienced Staff Compliance Architect to serve as the compliance team's technical subject matter expert and to embed scalable, auditable compliance requirements into product and infrastructure delivery. This role brings an architectural mindset to compliance, partnering closely with Engineering, Product, Compliance Engineering, and Authorization Operations (AuthOps) to translate regulatory and assurance obligations into clear technical requirements, standardized implementation patterns, and automated validation.

What you'll do (Role Expectations)
  • Define and maintain enterprise privacy baseline requirements, embedding them into the SDLC by translating regulatory and assurance expectations (e.g., NIST 800-53, FedRAMP/DoD IL5 privacy-relevant controls, and ISO 27701/ISO 42001) into measurable technical criteria and acceptance tests
  • Establish standardized privacy-by-design patterns (data minimization, purpose limitation, retention/deletion, privacy-safe telemetry, access controls) and partner with Engineering/Compliance Engineering to automate validation and evidence collection through CI/CD guardrails and policy-as-code
  • Conduct privacy architecture reviews and operational readiness assessments to identify data-handling risks (collection, use, sharing, storage, logging), and provide actionable remediation guidance aligned to engineering realities and delivery timelines
  • Maintain authoritative data flow diagrams and processing narratives, ensuring data classifications, processing purposes, transfer points, trust boundaries, and retention expectations are current, consistent, and audit-ready
  • Evaluate significant changes for impacts to data processing scope, trust boundaries, and authorization boundaries; drive cross-functional alignment across Engineering, Product, Security, and Legal/Privacy stakeholders and ensure decisions are documented for auditability

Who You Are (Success Profile)
  • You thrive in ambiguity. You're comfortable building the path as you walk it. You thrive in a dynamic environment, seeing ambiguity not as a hindrance, but as the raw material to build something meaningful.
  • You act like an owner. Your passion for the mission fuels your bias for action. You operate with integrity because you genuinely care about the outcome. True ownership involves leveraging dynamic range: the ability to navigate seamlessly between high-level strategy and hands-on execution.
  • You are a problem-solver. You love running towards the challenges because you are laser-focused on finding the solution, knowing that solving the hard problems delivers the biggest impact.
  • You are a high-trust collaborator. You are ambitious for the team, not just yourself. You embrace our challenge culture by giving and receiving ongoing feedback-knowing that candor delivered with clarity and respect is the truest form of teamwork and the fastest way to earn trust.
  • You are a learner. You have a true growth mindset and are obsessed with your own development, actively seeking feedback to become a better partner and a stronger teammate. You love what you do and you do it with purpose.

What We're Looking for (Minimum Qualifications)
  • Foundational understanding of AI/ML technologies and experience leveraging, securing, or positioning AI-driven solutions to optimize outcomes within your functional domain
  • Bachelor's degree in Computer Science, Information Systems, Engineering, or a related field
  • 5+ years of experience in compliance, security architecture, compliance engineering, or technical audit with a focus on translating control requirements into technical verification mechanisms
  • Proven experience performing architecture reviews and gap analysis against FedRAMP High or DoD IL5 frameworks
  • Proficiency in public cloud services (AWS, Azure, or GCP) paired with a strong track record of producing architecture diagrams, control narratives, and driving outcomes through engineering partnerships

What Will Make You Stand Out (Preferred Qualifications)
  • Experience building automated data governance frameworks or compliance verification systems specifically tailored to generative AI applications and large language model (LLM) data trust boundaries
  • Experience building automated control validation systems such as policy-as-code or CI/CD control gates
  • Deep familiarity with identity and authorization architectures, trust boundaries, and professional compliance certifications such as CISSP, CISA, CCSP, or specialized cloud security credentials

#LI-JG1 #LI-Hybrid #LI-Remote

Zscaler's salary ranges are benchmarked and are determined by role and level. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations and could be higher or lower based on a multitude of factors, including job-related skills, experience, and relevant education or training.

The base salary range listed for this full-time position excludes commission/ bonus/ equity (if applicable) + benefits.

Base Pay Range

$119,000-$170,000 USD

Our Benefits program is one of the most important ways we support our employees. Zscaler proudly offers comprehensive and inclusive benefits to meet the diverse needs of our employees and their families throughout their life stages, including:

  • Various health plans
  • Time off plans for vacation and sick time
  • Parental leave options
  • Retirement options
  • Education reimbursement
  • In-office perks, and more!


Learn more about Zscaler's hybrid working model and benefits here.

About Zscaler

Zscaler is a cloud-based information security company that provides Internet security, web security, firewalls, sandboxing, SSL inspection, antivirus, vulnerability management and granular control of user activity in cloud computing, mobile and Internet of things environments. The company is headquartered in San Jose, California, and has offices in Australia, India, Japan, Singapore, the United Kingdom, and the United States.
Learn more about Zscaler
Size
3,153 employees
Market Cap
$15.5 billion
Industry
Net Income
-$191.4 million
Founded
2008
5 Year Trend
+54.1%
Revenue
$536 million
NASDAQ

Similar Jobs

More Jobs at Zscaler

More Information Technology Jobs

Find similar Staff Technical Program Manager - Compliance Architecture jobs: