Senior Security Engineer

Zip

Software Engineering

San Francisco, CA, USA

USD 160k-240k / year + Equity

Posted 6+ months ago

About Zip

Zip is the AI platform for enterprise procurement — built for humans and agents working together. By orchestrating procurement across teams, tools, and suppliers with the help of AI agents, companies can secure the resources they need to innovate faster than ever before.

The world’s most influential enterprises trust Zip, including T-Mobile, OpenAI, AMD, Mars, Dollar Tree, and more. Together they’ve saved over $8 billion and processed over $500 billion in spend. Zip’s team includes product leaders from Apple, Airbnb, and Meta, as well as former procurement leaders from United Health, Sanofi, MGM Resorts, Discover, and NASA.

Backed by Adams Street, Alkeon, BOND, CRV, DST, Tiger Global, and Y Combinator, Zip has raised $371 million, most recently at a $2.2 billion valuation, and has been recognized by Forbes Fintech 50, Fast Company's Most Innovative Companies, Inc. Best in Business, and LinkedIn Top Startups.

Your Role

The Security team at Zip is responsible for protecting the confidentiality and integrity of our customers' data. As a Security Engineer, you'll take on a dynamic, high-impact role focused on securing the cloud infrastructure that Zip runs on. You'll lead efforts to harden our AWS environment, build foundational security guardrails, and launch key initiatives that solidify the trust customers place in us. Your contributions will be pivotal to the success of Zip's rapid growth as we launch new products, such as AI Agents and an App Marketplace, and enter new markets. We move quickly to solve a wide range of complex technical challenges. While we're an experienced team that provides constant guidance and mentorship, we value engineers who can autonomously scope and solve hard problems.

You Will

  • Design, harden, and operate Zip's AWS architecture (multi-account structure, VPC networking, IAM, and KMS) to eliminate or mitigate entire classes of misconfiguration and vulnerability.

  • Build and maintain golden images and a patch management program across our compute fleet (EC2, containers, and Kubernetes nodes) so infrastructure stays current and secure by default.

  • Codify security into infrastructure as code and CI/CD pipelines through secure baselines, drift detection, and policy-as-code.

  • Lead cloud security initiatives spanning workload identity, secrets management, vulnerability management, and logging and detection across our AWS footprint.

  • Partner on secure design through architecture reviews, threat models, and hands-on assessments of cloud services and infrastructure.

  • Validate, triage, and coordinate security findings from bug bounty, third-party pentests, and cloud security posture scans.

  • Mentor security analysts and security champions on cloud security best practices and techniques.

Qualifications

  • Hands-on experience designing and securing AWS environments, including IAM, VPC networking, KMS, and core services.

  • Experience writing production-quality code for security tooling, automation, and infrastructure as code. At Zip, our stack includes Python, Terraform, Kubernetes, and AWS.

  • Familiarity with containers and Kubernetes security.

  • Strong written and verbal communication with internal and external stakeholders.

  • A solid understanding of security risk and the ability to balance security with business requirements.

  • Must be a US citizen or permanent resident.

Nice to haves

  • Familiarity with compliance frameworks such as SOC 2, ISO 27001, and ISO 42001.

  • Hands-on experience in offensive security (e.g., through bug bounty programs or CTFs).

The salary range for this role is $160,000 - $240,000. The salary for this position is determined based on a variety of job-related factors that may include location, relevant experience, education, or particular skills and expertise.

Perks & Benefits

At Zip, we’re committed to providing our employees with everything they need to do their best work.

  • 📈 Start-up equity

  • 🦷 100% health, vision & dental coverage options

  • 🍽️ Catered breakfast, lunch, & dinner

  • 🌴 Flexible PTO

  • 🏋️‍♀️ ClassPass membership

  • 🚍 Monthly commuter benefit

  • 🚠 Team building events & happy hours

  • 💻 Home office stipend

  • 🛜 Phone/internet reimbursement

  • 🍼 Paid parental leave

  • 🧑‍🧑‍🧒‍🧒 Fertility stipend

  • 💸 401k plan

  • 🤖 Unlimited AI token usage

We're looking to hire Zipsters, and that means hiring people who take ownership, communicate openly, have an underdog mindset, and are excited to increase the pace of innovation for every business in the world. We encourage all candidates to apply even if their experience doesn't exactly match up to our job description. We are committed to building a diverse and inclusive workspace where everyone (regardless of age, religion, ethnicity, gender, sexual orientation, and more) feels like they belong. We look forward to hearing from you!