Senior Security Engineer I

• Implement and maintain cloud-native security controls across Zip’s Azure microservices, focusing on IAM, network, and application layers
• Proactively identify and mitigate vulnerabilities in collaboration with engineering and infrastructure teams
• Remote-first opportunity for US-based employees with the option to work in-person out of our Manhattan office.

Start your adventure with Zip

Join Zip’s Engineering function and put your name to solving fascinating challenges at scale in an agile, test-driven development environment. If you value good domain-driven design and enjoy delivering quality work at pace, you’ll be a great fit with the squads responsible for building cloud-native software applications that serve millions of customers and process billions of dollars in payments.

As a Senior Security Engineer, you will be responsible for implementing cloud security controls that ensure the trust and reliability of our Buy Now, Pay Later (BNPL) service. Your day to day work will span analyzing an Azure cloud-native, microservices environment for security control gaps and implementing secure configurations and solutions for network, IAM and application security. You will champion cross-functional collaboration across security and engineering teams and implement globally applicable controls wherever possible.

You’ll work across teams—security, engineering, infrastructure, and data—to assess risks, implement AI-specific security controls, automate secure deployment pipelines, and guide the secure adoption of new AI tools and services.

Interesting problems you’ll get to solve

• Formulation of the overall program delivery plan according to agreed priority
• Work with stakeholders varying from group executive to helpdesk staff, across the entire organization to deliver defined benefits as per scope
• Be able to understand and articulate complex systems architecture and issues
• Define and manage risk across the overall program
• Collaborate with infrastructure and engineering teams to identify remediation owners and develop strategies to manage risks proactively
• Regularly monitor and triage vulnerabilities resulting from automated security scans and manual security assessments
• Raising, tracking, and ensuring resolution of risks, issues, and dependencies
• Acting as the point of contact for external delivery partner
• Support technical evaluation and evidence for security assessments and audits.
• Mature the vulnerability management capabilities through policy alignment, threat detection, endpoint platforms & compliance systems

What you’ll bring to the team

• BS or MS in Computer Science, Information Security, or a related technical field; additional credentials in cloud security, offensive security, or risk management are highly valued
• Security certifications strongly preferred, such as CISSP, CCSP, OSCP, GIAC, or AZ-500
• 7+ years of experience in security engineering or cloud infrastructure security, ideally in regulated or high-trust environments (e.g., fintech, healthcare, critical infrastructure)
• Hands-on experience with Azure-native security controls (e.g., Microsoft Defender for Cloud, Azure Policy, Sentinel), container security, secrets management, and SSO/IAM integrations
• Proven ability to work across disciplines and influence without authority, comfortable interfacing with Engineering, Legal, Product, and Audit functions
• Deep familiarity with threat modeling, security architecture, and risk analysis methodologies (e.g., STRIDE, MITRE ATT&CK)
• Strong written and verbal communication skills, able to articulate complex risks in business terms and influence decision-making
• Demonstrated use of AI to improve security workflows; you don’t just use security tools, you build smarter ways to manage risk

What you’ll get in return

Zip is a place where you’ll get out what you put in. The newness of our sector means we need to move at pace and embrace change, and our promise to you when you join the team is that you’ll feel empowered and trusted to make big things happen quickly.

We want you to feel welcome and as though you have the support to be yourself, and care for yourself at work. Because it’s important to us that you make the most of the opportunities you’ll get to grow your skills and your career, and be surrounded by smart, friendly people and leaders that have your back.

We think these are just some of the best things about being a Zipster. We will also offer you:

• Incentive programs
• 20 days PTO every year
• Generous paid parental leave
• Leading family support policies
• 100% employer covered insurance
• Beautiful Union Square office with a casual dress code
• Learning and wellness subscription stipend
• Company-sponsored 401k match

Zip is committed to a straightforward and transparent pay structure. The actual base salary will be determined by various individualized factors, including job-related knowledge, skills, experience, location, internal equity, as well as other objective business considerations.

The annual basePay Rangefor this position is $135,000-$160,000. This range reflects our US national compensation (USN). Additional premium percentages may apply based on our tiered premium strategy. Subject to those same considerations, the total compensation package for this position may also include other elements, including a bonus and/or equity awards, in addition to a full range of medical, financial, and/or other benefits. If hired, employees will be in an 'at-will position' and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation or benefit program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

Be a part of a team that reflects the diversity of our customers

We pride ourselves on being a workplace that provides equal opportunities to people of all ages, cultural backgrounds, sexual orientations, gender identities, abilities, veteran status, and everything else that makes you unique.

Equally, we’re committed to ensuring our recruitment processes are accessible and inclusive. Please let us know If there are any adjustments that need to be made to ensure you have a fair and equitable experience.

And finally…get to know us

Zip Co Limited (ASX: ZIP) is a digital financial services company, offering innovative, people-centred products that bring customers and merchants together.

Operating in two core markets - Australia and New Zealand (ANZ) and the US, Zip offers point-of-sale credit and digital payment services, connecting millions of customers with its global network of tens of thousands of merchants.

We’re proud to be a values-led business and our values - Customer First, Own it, Stronger Together and Change the Game - guide us in everything we do.

I acknowledge by clicking "Submit Application", that the information provided is true and correct. I also understand that any willful dishonesty may render for refusal of this application or immediate termination of employment. By providing your information, you acknowledge that you have read ourZip Applicant and Candidate Privacy Notice and authorize Zip to process your data subject to those terms

Zip participates in the federal government’s E-Verify program

*

indicates a required field

First Name *

Last Name *

Email *

Phone

Resume/CV

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

Enter manually

Accepted file types: pdf, doc, docx, txt, rtf

LinkedIn Profile *

Website

Do you now or in the future require visa sponsorship to continue working in the United States? * Select...

What US state do you reside in? * Select...

What are your salary expectations? *

For government reporting purposes, we ask candidates to respond to the below self-identification survey.Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiringprocess or thereafter. Any information that you do provide will be recorded and maintained in aconfidential file.

As set forth in Zip Co Limited’s Equal Employment Opportunity policy,we do not discriminate on the basis of any protected group status under any applicable law.

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection.As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measurethe effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categoriesis as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Form CC-305

Page 1 of 1

OMB Control Number 1250-0005

Expires 04/30/2026

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp .

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

• Alcohol or other substance use disorder (not currently using drugs illegally)
• Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
• Blind or low vision
• Cancer (past or present)
• Cardiovascular or heart disease
• Celiac disease
• Cerebral palsy
• Deaf or serious difficulty hearing
• Diabetes
• Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
• Epilepsy or other seizure disorder
• Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
• Intellectual or developmental disability
• Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
• Missing limbs or partially missing limbs
• Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
• Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
• Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
• Partial or complete paralysis (any cause)
• Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
• Short stature (dwarfism)
• Traumatic brain injury

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.