Zscaler
Staff Detection Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Zscaler
Zscaler, Inc. is a prominent American cloud security company based in San Jose, California, founded in 2007 by Jay Chaudhry and K. Kailash. The company specializes in a cloud-native security platform that secures enterprise networks and data, adapting to the needs of cloud adoption and workforce mobility. Zscaler operates a global security cloud with over 150 data centers, ensuring rapid threat detection and protection for its customers.
Security at Zscaler
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Zscaler's AppSec philosophy includes protecting private apps and APIs with inline inspection and virtual patching.
- The company explicitly states 'shifting security left' and 'security is built in, not bolted on', emphasizing 'prevention at the source'.
- Their risk philosophy references MITRE ATT&CK alignment and prioritizing real-time threat detection.
Security Team
- Zscaler's leadership page lists the executive team, but direct AppSec reporting lines are not publicly detailed.
- LinkedIn profiles reveal a Product Security/Identity & Data Security director-level role (e.g., Krishna Athur).
- Job board index pages were found, but explicit counts for AppSec roles were not located.
Key Initiatives
- Zscaler's vulnerability management process involves triage via Bugcrowd and CVSS scoring, as stated on their Vulnerability Disclosure Program page (last updated).
- Product pages and LinkedIn profiles emphasize 'shift-left', 'secure-by-design', and inline protection.
- No explicit public evidence was found for a Security Champions program or internal SLAs/MTTR for remediation.