2nd Line Network Engineer (SASE & Zscaler)
We are seeking a skilled 2nd Line Network Engineer with hands-on experience in SASE technologies and Zscaler to join our Managed Services team. You will play a key role in supporting, operating, and optimising our cloud-delivered network security platforms, ensuring high availability, performance, and security across a global customer estate.
Acting as an escalation point for 1st line support, you will troubleshoot complex incidents, support SASE transformation initiatives, and work closely with senior engineers and architects on operational excellence and continuous improvement.
Key Responsibilities
Support & Troubleshooting
* Provide 2nd line support for incidents relating to Zscaler ZIA, ZPA, and SASE services
* Troubleshoot traffic forwarding, authentication, policy enforcement, SSL inspection, latency, and connectivity issues
* Analyse logs, policies, and configurations to identify root cause
* Act as an escalation point for 1st line teams, resolving issues within SLA
Configuration & Operations
* Manage Zscaler policies including URL filtering, firewall rules, DLP, bandwidth controls, and access policies
* Support SD-WAN, tunnel management, identity integration, certificates, and Zscaler Client Connector
* Perform routine service health checks, tuning, and optimisation
* Maintain high-quality technical documentation and change records
Network & Project Support
* Support WAN, LAN, Wi-Fi, VPN, DNS, proxy, and firewall troubleshooting
* Assist with SASE and Zscaler deployment and migration projects
* Collaborate with senior engineers, security teams, and customers
* Participate in on-call rota and occasional out-of-hours work
* Exposure to technologies such as Juniper Mist, Cato Networks, Aruba, Fortinet, Palo Alto (training provided)
Essential Skills & Experience
* Strong experience supporting Zscaler ZIA and ZPA
* Solid understanding of SASE architectures and cloud security
* Strong networking fundamentals (TCP/IP, DNS, DHCP, routing, BGP/OSPF)
* Experience with SD-WAN, VPNs, GRE/IPsec tunnels, PAC files
* Identity and authentication integration (SAML, Azure AD, Okta)
* Experience in a 2nd line managed services environment (2–5 years)
* Strong troubleshooting, analytical, and documentation skills
* Confident communicator able to engage with senior stakeholders
* Able to work under pressure with high levels of autonomy
* Willingness to travel occasionally within the UK
* Eligible for SC and NPPV3+ Security Clearance
Desirable Skills
* Zscaler certifications (ZCCP, ZCCA-IA/PA, ZCP)
* Experience with Palo Alto, Fortinet, Cisco, Cato Networks
* Knowledge of DLP, CASB, SSL inspection, web security
* Scripting/automation (PowerShell, Python)
* ITIL experience
Personal Attributes
* Customer-focused with a passion for service excellence
* Professional, resilient, and tenacious
* Strong attention to detail and problem ownership
* Self-motivated team player with excellent communication skills
* Able to translate complex technical issues for non-technical audiences
Qualifications
* CCNA, CCNP, Network+, or equivalent experience
* Cloud, security, or SASE certifications highly desirable