We're looking for an experienced, hands-on Cloud Security Engineer to join our Security Zone at Zapier and drive the Cloud Security Program. Zapier is on a mission to democratize automation. Over 5 million professionals already use Zapier to save more time, but there are millions more to reach. We owe it to our customers to be a responsible steward of their data and keep it safe and private.
Are you interested in working with a team that thrives on ownership where you go default to action on your ideas and own them from start to finish? And you are happy to grab the keyboard and implement your ideas? Do you want to drive the cloud security program for a fast-growing and powerful automation tool, called Zapier? Then read on…
To help share a bit more about life at Zapier, here are a few resources:
- Our Commitment to Applicants
- Culture and Values at Zapier
- Zapier Guide to Remote Work
- Zapier Code of Conduct
- Diversity and Inclusivity at Zapier
Zapier is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse workforce.
You have deep cloud infrastructure security experience. Keeping the cloud resources that support our core Zapier application secure is at the heart of this role. Zapier is a SaaS product, so experience building software and managing cloud infrastructure under a similar model is a must.
Working in a SOC2 and/or ISO27001 or HIPAA/HITRUST compliant environment is a plus.
You have worked with teams before on large Python, AWS, & Kubernetes projects. You’re also familiar with some common frameworks for languages like Django, Flask, or Rails. You've also worked extensively in cloud providers like AWS, GCE, or Azure and have strong experience with threat detection tooling on linux.
You’re an excellent planner. You have managed complex cloud security projects with minimal guidance, to include planning, scheduling, and delivering of reports and other documentation. You have a solid vision on how to keep an ever evolving cloud environment secure. Familiarity with the MITRE ATT&CK framework and how to utilize it for enhancing the security of a cloud environment is a big plus.
You love to set direction. You love to work with others, to give and take feedback and set together a vision to raise the security maturity.
You are friendly and patient, welcoming, considerate, and respectful. Learn more about these attributes in our code of conduct.
Things You Might Do
Zapier is a fast-growing, and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:
- Define the Cloud Security strategy to measure and further strengthen the security our environment working with the Head of Security and the other Cloud Security engineers
- Build, own and drive a cloud security maturity program
- This is also a hands-on role, so you'll write some python and work within ansible, terraform, AWS and more.
- Identify where we can add more layers of defense in depth and implement them.
- Build internal tooling to ensure safe data access patterns for Zapier employees.
- Locating weak points across Zapier and strengthening them.
- As a part of our All Hands Support initiative, help customers have the best possible experience with Zapier.
Since 2011, Zapier has been helping people across the world automate the boring and tedious parts of their job. We do that by helping everyone connect the web applications they already use and love.
We believe that there are jobs a computer is best at doing and that there are jobs a human is best at doing. We want to empower businesses to create processes and systems that let computers do what they are best at doing and let humans do what they are best at doing.
We believe that with the right tools, you can have big impact with less hassle.
We believe in small teams. Small teams are fast and nimble. Small teams mean less bureaucracy and less management and more getting things done.
The Whole Package
We're currently hiring for the following locations:
- Competitive salary (we don't use remote as an excuse to pay less)
- Great healthcare + dental + vision coverage*
- Retirement plan with 4% company match*
- Profit sharing
- 2 annual company retreats to awesome places
- 14 weeks paid leave for new parents of biological or adopted children
- Pick your own equipment. We'll set you up with whatever Apple laptop + monitor combo you want plus any software you need.
- Unlimited vacation policy. Plus we require you to take at least 2 weeks off each year. We see most employees take 4-5 weeks off per year. This isn't a vague policy where unlimited vacation means no vacation.
- Work with awesome companies around the world. We partner with great software companies all over the world and you'll constantly get to interact with people from these great companies