Senior Cloud Infrastructure Security Engineer
Zip is tackling the $50B+TAM space to transform the way businesses manage spend. Our co-founders started Zip (YC S2020) because they saw the challenges companies had using outdated 20 year old software to manage hundreds of millions of dollars in spend every year. We invented the world’s leading Intake-to-Procure solution to bring a consumer grade user experience to B2B purchasing. And, we’re just getting started.
We're a fast growing team that helped scale category-defining companies like Airbnb, Facebook, Salesforce, Apple, Quora, Pinterest, and Square. With $180 million in funding from YC Continuity (Y Combinator), CRV and Tiger Global, we're valued at $1.5 billion in just 3 years. In today's economic climate, the value we offer our customers is more critical than ever and our business is accelerating. We're growing quickly and need your help!
The security team at Zip is committed to maintaining the security and confidentiality of our customer’s data. As a Senior Security Engineer, you’ll take on a dynamic role, designing and implementing defensive measures across our production and corporate infrastructure. We move quickly to solve a wide range of complex technical and product challenges. While we are an experienced team that can provide constant guidance and mentorship, we value engineers who can autonomously scope and solve difficult technical challenges.
- Implement and administer tooling across cloud infrastructure (CSPM, SIEM)
- Build and manage secure SDLC programs, including design reviews, SCA, vulnerability management, and SAST/DAST
- Create and maintain threat models for Zip’s product, production infrastructure, and enterprise systems
- Drive adoption of security processes to guide security best practices across product development
- Participate in incident response, red team exercises, and bug bounty triage
- 4+ years of experience in a security engineering role
- Experience in scalable cloud technologies, such as AWS, Kubernetes, IaC, and CI/CD
- Experience working in enterprise SaaS, preferably with experience in fintech
- An understanding of security best practices and frameworks, such as the OWASP Top 10, NIST CSF, SLSA framework
- Exposure to compliance and regulatory frameworks such as SOC 2, ISO 27001, GDPR, and CCPA
The salary range for this role is $150,000 - $200,000. The salary for this position is determined based on a variety of job-related factors that may include location, relevant experience, education, or particular skills and expertise.
Perks & Benefits
At Zip, we’re committed to providing our employees with everything they need to do their best work.
- 📈 Start-up equity
- 🦷 Full health, vision & dental coverage
- 🍽️ Catered lunches & dinners for SF employees
- 🚍 Commuter benefit
- 🚠 Team building events & happy hours
- 🌴 Unlimited PTO
- 💻 Apple equipment plus home office budget
- 💸 401k plan
We're looking to hire Zipsters and that means hiring people who take ownership, communicate openly, have an underdog mindset, and are excited to increase the pace of innovation for every business in the world. We encourage all candidates to apply even if your experience doesn't exactly match up to our job description. We are committed to building a diverse and inclusive workspace where everyone (regardless of age, religion, ethnicity, gender, sexual orientation, and more) feels like they belong. We look forward to hearing from you!