Security Engineer

Costa Rica

Company Overview

At Zuora, we do Modern Business. We’re helping people subscribe to new ways of doing business that are better for people, companies and ultimately the planet. It’s an approach resulting from the shift to the Subscription Economy that puts customers first by building recurring relationships instead of one-time product sales and focuses on sustainable growth. Through our leading expertise and multi-product suite, we are transforming all industries and working with the world’s most innovative companies to monetize new business models, nurture subscriber relationships and optimize their digital experiences.

The Team & Role

Zuora Security is dedicated to safeguarding our cloud-based application ecosystem. Our teams are responsible for defending infrastructure, managing internal and external security services, and collaborating closely with engineering, customer support, and other departments to prioritize customer security. Operating on a global follow-the-sun model across the US, Beijing, and India, we provide 24/7/365 protection for Zuora’s SaaS products and platforms.

Within this, the Infrastructure Security team focuses on securing Zuora’s foundational systems, services, and environments. We design and manage cloud-native infrastructure security controls, enabling safe, scalable operations while proactively protecting against modern threats. Our team values innovation, automation, artificial intelligence, and close collaboration to meet the demands of a rapidly expanding business.

This is an exciting time to join Zuora — as our global infrastructure grows in scale and complexity, so does the opportunity to shape our security strategy and execution. In this role, you’ll help design, implement, and manage robust security solutions while leveraging cutting-edge technologies like AI-based security automation, cloud-native tooling, and proactive threat detection frameworks. You’ll play a critical role in safeguarding our infrastructure and enabling Zuora’s secure growth.

This is a remote position, so you’ll work from wherever you’re most productive, with occasional in-person office visits, events, or offsites. Of course, you’re welcome to use our offices regularly if you're nearby.

What you’ll do

• Architect and implement automated, AI-driven security solutions to fortify our AWS Cloud infrastructure, improving operational efficiency and reducing risk.
• Provide technical leadership by designing, implementing, and optimizing security controls across both infrastructure and application environments.
• Collaborate cross-functionally with engineering, infrastructure, and operational teams to gather requirements and design practical, scalable security measures.
• Identify and address emerging threats through continuous monitoring, vulnerability assessments, penetration testing, and log analysis.
• Mentor and grow within a high-performing security team, sharing your expertise and contributing to a culture of continuous learning.
• Lead and participate in on-call rotations, ensuring 24/7/365 security coverage and effective, timely incident response as part of our global operations model.
• Work hands-on with modern security tools and platforms, including CSPM, CWPP, SOAR, EDR/XDR, IaC security, Kubernetes security, and AI/ML-based security automation — keeping your skills sharp in one of cybersecurity’s fastest-evolving areas.

What we’re looking for

Education:

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent practical experience). An advanced degree is a plus.

Experience:

• Typically, 8+ years of progressive experience in security operations, infrastructure security, or a related field.
• 3–5 years of hands-on experience with AWS and Azure cloud security, including Infrastructure-as-Code software and tooling.
• Experience working with infrastructure supporting containerized applications (EKS, ECS, or similar).
• Experience developing and maintaining technical and procedural documentation and security policies.
• Proven experience in security incident handling, root cause analysis, and operational incident management.
• Practical experience using AI and automation in security workflows.
• Experience managing infrastructure vulnerability management programs.
• Familiarity with Agile methodologies applied to security engineering projects.

Technical Skills:

• Strong understanding of security fundamentals, including system internals, cryptographic protocols, and attack surface reduction strategies.
• Proficiency in scripting languages such as Python, PowerShell, or Perl for automation.
• Hands-on experience with industry-standard security solutions like SIEM, SOAR, CSPM, DSPM, CDR, CWPP, etc.
• Solid knowledge of cloud security technologies, including IAM, encryption, key management, AWS GuardDuty, WAF, etc.
• Familiarity with web application security threats (e.g., OWASP Top 10) and mitigation strategies.
• Proficiency in Linux systems administration and troubleshooting.

Preferred Certifications:

• AWS Certified Security Specialist, Azure Security Engineer Associate, or other relevant industry certifications.

Soft Skills:

• Strong problem-solving and analytical skills.
• Excellent written and verbal communication abilities.
• Strong interpersonal skills for effective collaboration across diverse, distributed teams.
• Ability to adapt to fast-paced, changing environments and manage ambiguity.
• Proven leadership, mentorship, and team-building skills.
• Meticulous attention to detail, with the ability to prioritize and manage work under pressure.

#ZEOLife at Zuora

As an industry pioneer, our work is constantly evolving and challenging us in new ways that require us to think differently, iterate often and learn constantly—it’s exciting. Our people, whom we refer to as “ZEOs" are empowered to take on a mindset of ownership and make a bigger impact here. Our teams collaborate deeply, exchange different ideas openly and together we’re making what’s next possible for our customers, community and the world.

As part of our commitment to building an inclusive, high-performance culture where ZEOs feel inspired, connected and valued, we support ZEOs with:

• Competitive compensation, variable bonus and performance reward opportunities, and retirement programs
• Medical, dental and vision insurance
• Generous, flexible time off
• Paid holidays, “wellness” days and company wide end of year break
• 6 months fully paid parental leave
• Learning & Development stipend
• Opportunities to volunteer and give back, including charitable donation match
• Free resources and support for your mental wellbeing

Specific benefits offerings may vary by country and can be viewed in more detail during your interview process.

Location & Work Arrangements

Organizations and teams at Zuora are empowered to design efficient and flexible ways of working, being intentional about scheduling, communication, and collaboration strategies that help us achieve our best results. In our dynamic, globally distributed company, this means balancing flexibility and responsibility — flexibility to live our lives to the fullest, and responsibility to each other, to our customers, and to our shareholders. For most roles, we offer the flexibility to work both remotely and at Zuora offices.

Our Commitment to an Inclusive Workplace

Think, be and do you! At Zuora, different perspectives, experiences and contributions matter. Everyone counts. Zuora is proud to be an Equal Opportunity Employer committed to creating an inclusive environment for all.

Zuora does not discriminate on the basis of, and considers individuals seeking employment with Zuora without regards to, race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.

We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance@zuora.com.