Information Security Analyst

Zip is tackling the $50B+TAM space to transform the way businesses manage spend. Our co-founders started Zip (YC S2020) because they saw the challenges companies had using outdated 20 year old software to manage hundreds of millions of dollars in spend every year. We invented the world’s leading Intake-to-Procure solution to bring a consumer grade user experience to B2B purchasing. And, we’re just getting started.

We're a fast growing team that helped scale category-defining companies like Airbnb, Facebook, Salesforce, Apple, Quora, Pinterest, and Square. With $180 million in funding from YC Continuity (Y Combinator), CRV and Tiger Global, we're valued at $1.5 billion in just 3 years. In today's economic climate, the value we offer our customers is more critical than ever and our business is accelerating. We're growing quickly and need your help!

Your Role

As an Information Security Analyst, you will play a crucial role in maintaining the security and compliance posture of Zip. We’re looking for someone who has a problem solver mindset with the ability to drive tasks to completion in an evolving business environment. You will primarily focus on scaling Zip’s information security program, such as improving SaaS app security, managing employee IAM, and responding to anomalous events. 

You Will

• Administer corporate identity and security infrastructure, such as Okta and MDM
• Identify and remediate risks, such as misconfigurations and excessive permissions, in enterprise SaaS apps and integrations
• Analyze, tune, and create detections and workflows in Zip’s SIEM and SOAR
• Perform periodic security activities, such as rotating secrets and conducting user access reviews
• Automate and up-level technical controls for IT processes, such as onboarding/offboarding and asset management
• Develop and conduct specialized security awareness training programs for employees

Qualifications

• 2+ years of experience in an information security role
• Familiarity with SaaS apps (Google Workspace, Slack, Zoom, Salesforce, etc), employee IAM (Okta/Azure AD), and security tools (Crowdstrike, Jamf/MDM, email gateways)
• An understanding of core networking, security, and IAM concepts, such as IP addresses, networks/subnets, MDM, VPN/Zero Trust, SIEM, and SSO/SCIM
• Basic proficiency in scripting, such as using bash or tools like curl to make API requests for automation and troubleshooting
• Strong communication skills, with the ability to convey security concepts to non-technical audiences

Perks & Benefits

At Zip, we’re committed to providing our employees with everything they need to do their best work.

• 📈 Start-up equity
• 🦷 Health, vision & dental coverage
• 🍽️ Catered lunches & dinners for TO employees
• 🚠 Team building events & happy hours
• 🌴 Flexible PTO
• 💻 Apple equipment plus home office budget

We're looking to hire Zipsters and that means hiring people who take ownership, communicate openly, have an underdog mindset, and are excited to increase the pace of innovation for every business in the world. We encourage all candidates to apply even if your experience doesn't exactly match up to our job description. We are committed to building a diverse and inclusive workspace where everyone (regardless of age, religion, ethnicity, gender, sexual orientation, and more) feels like they belong. We look forward to hearing from you!