Commonwealth of Pennsylvania

POSITION DESCRIPTION FOR JOB POSTING

Position Number:  50333434

Description Activated On:  6/23/2026 1:13:50 PM


Position Purpose:
Describe the primary purpose of this position and how it contributes to the organization’s objectives. Example: Provides clerical and office support within the Division to ensure its operations are conducted efficiently and effectively. 

The IT Security Customer Success Manager (CSM) serves as the primary liaison between the Enterprise Information Security Organization (EISO) and agency customers, ensuring agencies effectively adopt and gain maximum value from enterprise cybersecurity services. This role supports agency mission needs while promoting adherence to Commonwealth security policies, standards, and Zero Trust principles. The CSM provides guidance on security services, incident response, vulnerability management, endpoint security, identity protections, and network security services. It also advises on enterprise firewalls and Zero Trust remote access through Zscaler, which replaces traditional VPN technologies. By coordinating these efforts, the CSM enhances the customer experience and improves operational consistency. The position also strengthens the Commonwealth’s overall security posture by aligning agency practices with enterprise expectations.

Description of Duties:
Describe in detail the duties and responsibilities assigned to this position. Descriptions should include the major end result of the task. Example: Types correspondence, reports, and other various documents from handwritten drafts for review and signature of the supervisor.

Serve as the primary point of contact for assigned agencies regarding IT security services and activities.

Facilitate agency onboarding and adoption of enterprise services such as SOC monitoring, SIEM/SOAR capabilities, endpoint protection platforms, threat intelligence, identity security services, and vulnerability management.

Support and coordinate agency needs related to network perimeter security, enterprise firewalls, and Zero Trust access via Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA).

Work closely with firewall engineering teams and network security staff to handle agency requests, including:
 – Creation, modification, or removal of firewall rules
 – Security and access rule validations
 – Inter-agency connectivity requests and application-specific access needs

Guide agencies through required justification, least privilege principles, and compliance expectations for firewall rule changes.

Assist agencies transitioning from legacy VPN connectivity to the Zscaler Zero Trust platform, including updated workflows, access policies, and new application segmentation requirements.

Collaborate with Zscaler engineering teams to support customer requests regarding policy adjustments, ZIA filtering rules, ZPA application segments, and Zero Trust access configurations.

Communicate outcomes of firewall and Zscaler policy decisions, including constraints, risk considerations, and compliance requirements.

Support agency communication throughout cybersecurity incidents, especially those involving firewall blocks, Zero Trust access failures, network containment efforts, or suspicious network activity.

Conduct routine customer engagement sessions, operational reviews, training discussions, and service health checks to ensure alignment with agency objectives and operational needs.

Produce clear customer-facing documentation such as service reports, onboarding guides, process explanations, recommendations, training documents and after-action summaries.

Identify recurring service issues or process gaps and partner with internal Security Operations teams to recommend enhancements.

Support enterprise-wide communication of new capabilities, policy updates, service changes, or operational improvements across Security Operations and Zero Trust infrastructure.

Promote adherence to Commonwealth IT policies, standards, NIST-aligned controls, and enterprise architectural patterns.

Support cross-agency collaboration by collecting customer feedback and contributing insights to strengthen statewide cybersecurity services.

Travel as required.

Perform other duties as required.

Decision Making:
Describe the types of decisions made by the incumbent of this position and the types of decisions referred to others. Identify the problems or issues that can be resolved at the level of this position, versus those that must be referred to the supervisor. Example: In response to a customer inquiry, this work involves researching the status of an activity and preparing a formal response for the supervisor’s signature.

This position receives general direction from the CSM Team Manager; however, the incumbent must exercise independent judgement and initiative in the performance of duties. Work will be reviewed in periodic progress meetings and problem-solving sessions.

Requirements Profile: Identify any specific experience or requirements, such as a licensure, registration, or certification, which may be necessary to perform the functions of the position. Position-specific requirements should be consistent with a Special Requirement or other criteria identified in the classification specification covering this position. Example: Experience using Java; Professional Engineer License

Experience:



Licenses, registrations, or certifications:

1. 
  N/A
 
2.  
N/A
 
3.  
N/A
 
4.  
N/A
 
5.  
N/A
 
6.  
N/A

Essential Functions
: Provide a list of essential functions for this position. Example: Transports boxes weighing up to 60 pounds.
 
 1. Communicates and collaborates effectively, oral and written.
 2. Builds productive relationships with business owners.
 3. Participates on project teams and facilitates technical conversations with cloud and compute technical staff.
 4. Aggressively solves problems; reconciles competing and conflicting priorities and interests.
 5. Tracks metrics to document performance and provides feedback to internal operations teams to enhance customer experience.
 6. Works overtime/emergency hours, as needed.
 7. Coordinates activities with other teams and external business partners.
 8. Organization and time management to effectively multitask in a high-stress environment.
 9. Conduct regular check-ins and strategy sessions with Delivery Center CIO and CTO
 10. Travel, including overnight, as needed.