Senior Technical Cloud Security Assessor
Job Description
Start your adventure with Zip
Join Zip’s Engineering function and put your name to solving fascinating challenges at scale in an agile, test-driven development environment. If you value good domain-driven design and enjoy delivering quality work at pace, you’ll be a great fit with the squads responsible for building cloud-native software applications that serve millions of customers and process billions of dollars in payments.
As a Senior Technical Cloud Security Assessor, you will conduct extensive and ongoing technical evaluations of our cloud-native ecosystem and its integrations with third-party products, to ensure the security and compliance of our Buy Now, Pay Later (BNPL) service. You will collaborate with multiple engineering teams across Zip US to contribute to the effectiveness and productivity of our SecOps function. You will champion cross-functional risk remediation focus across security, infrastructure, engineering and risk teams.
Interesting problems you’ll get to solve
- Define, document and assess the catalog of security control requirements at the software application, system, identity and network level, to meet the internal and external security audit requirements using frameworks such as PCI-DSS, ISO 27001, NIST-CSF, SOX and ITGC.
- Develop and maintain security control requirements for third party services (e.g., cloud service providers, contractors, vendors, third party products)
- Continuously collaborate and communicate with internal application owners, legal, compliance and external stakeholders using workflows and collaboration tools such as JIRA, Confluence, etc.
- Monitor and document security impacts across major changes in infrastructure, platforms and software. Receive control gaps from detection & monitoring, incident response and change management activities and track findings to overall security posture
- Participate in the Policy and Governance process to provide recommendations on security controls, risks, mitigations, and other technical parameters.
- Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) at major changes or audit intervals. Deliver inherent and residual risk interpretations of controls, gaps and standard remediations in collaboration with engineering and risk functions
- Maintain management reporting capabilities to describe and communicate KRIs across frameworks
- Document best practices and control implementations, BCP plans, operational SLAs, procedures and runbooks
Key FY Initiatives
- Uplifting the Zip U.S. security maturity via standardized security implementations
- Elevating the application security program to ensure proper security controls from design through production
- Automating security solutions for patching, identity and access management, and API security
What you’ll bring to the team
- You have a strong foundation of technical security concepts (such as cloud, virtual machines, microservices, Kubernetes, network appliances, VPN, zero trust IAM, SIEM, EDR) and cloud-native (Azure) primitives (such as Active Directory, PIM, Azure Front Door, Azure WAF, etc).
- 7+ years of experience in the FinTech and Payment industry and a deep understanding of security and compliance frameworks such as PCI-DSS, ISO 27001, NIST and SOX.
- Ability to prioritize and execute programs in a high-growth business environment, collaborating painstakingly with stakeholders across multiple time zones.
- You have strong attention to detail and a good command of the English language to translate risk and control requirements into technical control implementation contexts (and vice versa).
- You have a passion for security. You align with big picture business objectives, and understand cost-benefit-risk considerations.
- Experience reading and interpreting the telemetry from security monitoring tools, incident response analysis and risk remediation processes.
- Preferred certifications: CISSP, CISA, Microsoft cybersecurity architect
What you’ll get in return
Zip is a place where you’ll get out what you put in. The newness of our sector means we need to move at pace and embrace change, and our promise to you when you join the team is that you’ll feel empowered and trusted to make big things happen quickly.
We want you to feel welcome and as though you have the support to be yourself, and care for yourself at work. Because it’s important to us that you make the most of the opportunities you’ll get to grow your skills and your career, and be surrounded by smart, friendly people and leaders that have your back.
We think these are just some of the best things about being a Zipster. We will also offer you:
- Flexible working culture
- Incentive programs
- 20 days PTO every year
- Generous paid parental leave
- Leading family support policies
- 100% employer covered insurance
- Beautiful Midtown office with a casual dress code
- Learning and wellness subscription stipend
- Company-sponsored 401k match
The Pay Range for this position: $135,000 - $186,000 USD based on the industry benchmark for position, function, level and Zip's compensation strategies. However, actual base salary will depend on varying circumstances and individualized factors, such as job-related knowledge, skills, experience, and other objective business considerations.
Subject to those same considerations, the total compensation package for this position may also include other elements, including a bonus and/or equity awards, in addition to a full range of medical, financial, and/or other benefits.
Be a part of a team that reflects the diversity of our customers
We pride ourselves on being a workplace that provides equal opportunities to people of all ages, cultural backgrounds, sexual orientations, gender identities, abilities, veteran status, and everything else that makes you unique.
Equally, we’re committed to ensuring our recruitment processes are accessible and inclusive. Please let us know if there are any adjustments that need to be made to ensure you have a fair and equitable experience.
And finally…get to know us
Zip is a global ‘Buy Now, Pay Later’ company that gives our millions of customers simpler and fairer ways to pay.
We are proud to be a global business built around our US and ANZ core markets working with merchant partners including Amazon, Best Buy, eBay and Uber. United by our mission, purpose and values - Customer First, Own It, Stronger Together & Change The Game - we are the next generation of payments, helping people across the globe to fearlessly take control of their financial future.
We are Zip, and we are just getting started.