Netskope Security Engineer
Duration: 6 Month Contract (Possible extension)
Location: Hybrid (Client located Foster City, CA area)
*Must be able to work on W-2 basis
*Must be local to the Foster City, CA
Job Description
One of the country's largest technology-forward organizations is seeking a skilled Data Protection Security Engineer with strong Netskope leadership experience to join their security team onsite in Foster City, CA (at least 3 days per week required). In this role, you will drive the enterprise-wide deployment, configuration, and ongoing management of the Netskope Next-Generation Secure Web Gateway (NG SWG) and Network Private Access (NPA) platforms. You will make a direct impact by guiding the organization’s data protection initiatives, building robust Data Loss Prevention (DLP) strategies, and shaping enterprise-level security posture at scale.
This exciting opportunity to secure and empower business-critical information begins as a 6-month W2 contract, with the possibility of extension. Candidates must be located near Foster City, CA, with onsite presence required at a minimum of three days per week.
- Lead end-to-end administration of the Netskope environment, ensuring robust configuration and alignment with defined security policies and risk objectives.
- Design, deploy, and manage the Netskope NG SWG—steering network traffic, enabling threat detection and response, and implementing advanced SSL inspection, URL filtering, threat protection, and cloud application controls.
- Integrate Netskope with identity and access management tools (e.g., Okta, Azure AD) to customize user-based security controls.
- Oversee endpoint deployment and coordinate with IT teams for effective rollout and maintenance.
- Develop and refine alerting, logging, and reporting channels, leveraging SIEM solutions for real-time security monitoring.
- Architect and implement Netskope NPA to enable zero-trust access, replacing or supporting traditional VPN solutions; set application segmentation and least-privilege access policies.
- Onboard private applications into the NPA framework in partnership with application and IT stakeholders.
- Design and maintain comprehensive DLP policies across web, cloud, and private application layers, focusing on regulated and sensitive data types (PII, PHI, PCI, intellectual property).
- Test and validate DLP rules to optimize detection accuracy, collaborating with compliance and governance functions for ongoing refinement.
- Respond to DLP alerts and lead incident response in accordance with established protocols.
- Serve as a Netskope SME, sharing knowledge across technology and business teams, and producing detailed runbooks, architectural documentation, and operational procedures.
- Mentor junior staff and engage with vendor resources to stay informed on platform updates and capabilities.
Skill Requirements
- 8+ years of professional background in network, cloud, or information security engineering.
- At least 2 years with hands-on enterprise deployment and management of Netskope NG SWG and/or NPA environments.
- Practical expertise in developing, tuning, and managing DLP policies for complex organizational needs.
- Deep understanding of zero-trust network access principles and architectures.
- Advanced skills with SSL/TLS inspection, proxy configurations, and cloud access security broker (CASB) technologies.
- Familiar with identity platforms such as Okta, Azure AD, and protocols like SAML, SCIM.
- Working knowledge of compliance frameworks relevant to data protection (e.g., HIPAA, PCI-DSS, GDPR, CCPA).
- Strong analytical thinking, troubleshooting acumen, and a detail-oriented, proactive approach to problem-solving.
Preferred: Netskope certifications (e.g., Netskope One Professional), experience integrating with SIEM/SOAR tools (e.g., Splunk, Microsoft Sentinel), scripting skills (Python, PowerShell) for automation, and familiarity with additional DLP solutions.
Preferred certifications: CISSP, CCSP, CISM, CompTIA Security+/Network+.
Education
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field—or equivalent hands-on experience in lieu of a degree.
You will receive the following benefits
- Medical Insurance & Health Savings Account (HSA)
- 401(k)
- Paid Sick Time Leave
- Pre-tax Commuter Benefit
Motion Recruitment provides IT Staffing Solutions (Contract, Contract-to-Hire, and Direct Hire) in major North American markets. Our unique expertise in today’s highest-demand tech skill sets, paired with our deep networks and knowledge of our local technology markets, results in an exemplary track record with candidates and clients.