Senior Software Engineer, Identity and Access Management (IAM)

The simple task of buying software, services, or tools at work has become hopelessly complicated at even the most innovative companies in the world. Today, enterprises spend $120T+ per year globally (>30 times larger than annual consumer e-commerce spend) and rely on vendors more than ever before to run their businesses.

Our cofounders started Zip in 2020 to address this seemingly intractable problem with a purpose-built procurement platform that provides a simple, consumer-grade user experience. Within the last 4 years, Zip has created a new category and developed the leading solution in this $50B+ TAM space. Today, the world’s leading companies like OpenAI, Snowflake, Anthropic, Coinbase, and Prudential rely on Zip to manage billions of dollars in spend.

We have a world-class team coming from category-defining companies like Airbnb, Meta, Stripe, Salesforce, Apple, and Google. With a $2.2 billion valuation and $370 million in funding from Y Combinator, Tiger Global, BOND, DST Global, and CRV, we’re focused on developing cutting-edge technology, expanding into new global markets, and—above all–driving incredible value for our customers. Join us!

Your Role

The security team at Zip is committed to maintaining the security and confidentiality of our customer’s data. As a Senior Security Software Engineer, you’ll take on a dynamic role, designing and building across domains, from customer facing security features to infrastructure safeguards. We move quickly to solve a wide range of complex technical and product challenges. While we are an experienced team that can provide constant guidance and mentorship, we value engineers who can autonomously scope and solve difficult technical challenges.

You will

• Develop features to improve security and mitigate risk within Zip’s products, such as multi-region user authentication, account take-over detection systems, and universal audit trails

• Design and implement defensive measures to detect and prevent breaches in Zip’s  infrastructure

• Build processes and tooling to enable developers to ship features securely

• Participate in security reviews, threat modeling, table-top exercises, and bug bounty triage

• Lead response to incidents, perform investigations and communicate clearly to internal and external stakeholders

Qualifications

• Minimum 4+ years of experience in a security or software engineering role. This role requires software development experience.

• Experience in enterprise SaaS and/or fintech, is preferred

• Experience in cloud technologies, such as AWS, Kubernetes, and Infrastructure as Code

• An understanding of security best practices, threat models, and frameworks, such as the OWASP Top 10, NIST CSF, SLSA framework

• Exposure to compliance and regulatory frameworks such as SOC 2, ISO 27001, and GDPR

Perks & Benefits

At Zip, we’re committed to providing our employees with everything they need to do their best work.

• 📈 Start-up equity

• 🦷 Health, vision & dental coverage

• 🍽️ Catered lunches & dinners for TO employees

• 🚍 Commuter benefit

• 🚠 Team building events & happy hours

• 🌴 Flexible PTO

• 💻 Apple equipment plus home office budget

We're looking to hire Zipsters and that means hiring people who take ownership, communicate openly, have an underdog mindset, and are excited to increase the pace of innovation for every business in the world. We encourage all candidates to apply even if your experience doesn't exactly match up to our job description. We are committed to building a diverse and inclusive workspace where everyone (regardless of age, religion, ethnicity, gender, sexual orientation, and more) feels like they belong. We look forward to hearing from you!