Skip to main content
TryApplyNow
Zip logo

Senior Security Engineer

Zip
Full TimeseniorRemote
San FranciscoRemotePosted 4 weeks ago

Role Overview

Zip is hiring a Senior Security Engineer. This is a full-time remote role, with the team based in San Francisco. Part of Zip's Mobile hiring. Full responsibilities, required qualifications, and the apply link are listed in the description below.

Resume Keywords to Include

Make sure these keywords appear in your resume to improve ATS scoring

PythonAWSKubernetesTerraformCI/CDDriftORTriage

Job description

ABOUT ZIP

Zip is the AI platform for enterprise procurement — built for humans and agents working together. By orchestrating procurement across teams, tools, and suppliers with the help of AI agents, companies can secure the resources they need to innovate faster than ever before.

The world’s most influential enterprises trust Zip, including T-Mobile, OpenAI, AMD, Mars, Dollar Tree, and more. Together they’ve saved over $8 billion and processed over $500 billion in spend. Zip’s team includes product leaders from Apple, Airbnb, and Meta, as well as former procurement leaders from United Health, Sanofi, MGM Resorts, Discover, and NASA.

Backed by Adams Street, Alkeon, BOND, CRV, DST, Tiger Global, and Y Combinator, Zip has raised $371 million, most recently at a $2.2 billion valuation and has been recognized by Forbes Fintech 50, Fast Company's Most Innovative Companies, Inc. Best in Business, and LinkedIn Top Startups.

YOUR ROLE

The Security team at Zip is responsible for protecting the confidentiality and integrity of our customers' data. As a Security Engineer, you'll take on a dynamic, high-impact role focused on securing the cloud infrastructure that Zip runs on. You'll lead efforts to harden our AWS environment, build foundational security guardrails, and launch key initiatives that solidify the trust customers place in us. Your contributions will be pivotal to the success of Zip's rapid growth as we launch new products, such as AI Agents and an App Marketplace, and enter new markets. We move quickly to solve a wide range of complex technical challenges. While we're an experienced team that provides constant guidance and mentorship, we value engineers who can autonomously scope and solve hard problems.

YOU WILL

  • Design, harden, and operate Zip's AWS architecture – multi-account structure, VPC networking, IAM, and KMS, to eliminate or mitigate entire classes of misconfiguration and vulnerability.
  • Build and maintain golden images and a patch management program across our compute fleet (EC2, containers, and Kubernetes nodes) so infrastructure stays current and secure by default.
  • Codify security into infrastructure as code and CI/CD pipelines through secure baselines, drift detection, and policy-as-code.
  • Lead cloud security initiatives spanning workload identity, secrets management, vulnerability management, and logging and detection across our AWS footprint.
  • Partner on secure design through architecture reviews, threat models, and hands-on assessments of cloud services and infrastructure.
  • Validate, triage, and coordinate security findings from bug bounty, third-party pentests, and cloud security posture scans.
  • Mentor security analysts and security champions on cloud security best practices and techniques.

QUALIFICATIONS

  • Hands-on experience designing and securing AWS environments, including IAM, VPC networking, KMS, and core services.
  • Experience writing production-quality code for security tooling, automation, and infrastructure as code. At Zip, our stack includes Python, Terraform, Kubernetes, and AWS.
  • Familiarity with containers and Kubernetes security.
  • Strong written and verbal communication with internal and external stakeholders.
  • A solid understanding of security risk and the ability to balance security with business requirements.
  • Has to be a US citizen or permanent resident.

NICE TO HAVES

  • Familiarity with compliance frameworks such as SOC 2, ISO 27001, and ISO 42001
  • Hands-on experience in offensive security (eg, through bug bounty programs or CTFs)

The salary range for this role is $160,000 - $240,000. The salary for this position is determined based on a variety of job-related factors that may include location, relevant experience, education, or particular skills and expertise.

PERKS & BENEFITS

At Zip, we’re committed to providing our employees with everything they need to do their best work.

  • 📈 Start-up equity
  • 🦷 100% health, vision & dental coverage options
  • 🍽️ Catered breakfast, lunch, & dinner
  • 🌴 Flexible PTO
  • 🏋️‍♀️ ClassPass membership
  • 🚍 Monthly commuter benefit
  • 🚠 Team building events & happy hours
  • 💻 Home office stipend
  • 🛜 Phone/internet reimbursement
  • 🍼 Paid parental leave
  • 🧑‍🧑‍🧒‍🧒 Fertility stipend
  • 💸 401k plan
  • 🤖 Unlimited AI token usage

We're looking to hire Zipsters and that means hiring people who take ownership, communicate openly, have an underdog mindset, and are excited to increase the pace of innovation for every business in the world. We encourage all candidates to apply even if your experience doesn't exactly match up to our job description. We are committed to building a diverse and inclusive workspace where everyone (regardless of age, religion, ethnicity, gender, sexual orientation, and more) feels like they belong. We look forward to hearing from you!

About Zip

Zip logo

Zip

zip.co

MobileHires remote

94 other open roles at Zip on TryApplyNow.

Frequently Asked Questions

How do I apply for the Senior Security Engineer position at Zip?

Use the Apply button above to submit your application directly to Zip. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.

Is the Senior Security Engineer role at Zip remote?

Yes. This is a remote role. The team is based in San Francisco, but the position itself does not require relocating to that office.

What does a Senior Security Engineer at Zip earn?

Zip has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.

When was the Senior Security Engineer role at Zip posted?

This role was posted on June 8, 2026 (31 days ago). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.

How much experience does the Senior Security Engineer role at Zip require?

This is a senior-level position. Most senior roles call for 5+ years of directly relevant experience. Zip lists their specific requirements in the description below, so review the must-have qualifications closely before applying.

AI-powered job search

Get every job scored to your resume

Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.

Get started free

No credit card to start