Engineer, Infrastructure Security

Cloud Security Experience: You have hands-on experience securing SaaS products and maintaining compliance with frameworks like SOC2, ISO27001, or HIPAA/HITRUST.

You have an understanding of modern cloud technology components and deployment patterns: Proficient with Infrastructure-as-Code (Terraform, CloudFormation), AWS, Python, and Kubernetes. Experience with security tools such as CSPM, vulnerability scanners, and lifecycle management solutions.

Security Mindset: You understand modern deployment patterns (isolated VMs, k8s, serverless) and can identify and mitigate common cloud security risks.

Collaborative Approach: You work well with senior engineers, platform teams, and other security specialists, and you’re comfortable asking questions, sharing ideas, and learning from others.

Remote-Ready: You excel in asynchronous communication and self-manage effectively in a fully remote, distributed team.

Adaptable: You’ve experienced the pace of a growing company and can adjust processes and tools to fit evolving needs.

Compensation
$141.1K – $211.7K • Offers Equity • Offers Bonus
We believe all Zapiens should be rewarded competitively and equitably, using practices that are simple and transparent. This philosophy ensures we’re able to find, grow, and retain exceptional people from a broad range of backgrounds. Here’s how we define our compensation principles:

Competitive: Zapier pays well among the technology sector.

Equitable: Consistent pay practices; Pay for impact

Simple: Pay is well understood, and pay practices are built for scale.

Transparent: Zapiens know how pay works, including how their pay is determined.

A Candidate's compensation package is finalized once the interview process is concluded and accounts for demonstrated experience, job knowledge, skills, abilities, and internal equity. We use a business impact approach to base pay, which means we set pay for all Zapiens based on their demonstrated impact on Zapier’s success. In alignment with that philosophy, the upper half of a pay range is typically reserved for individuals who have consistently demonstrated a high impact in their current role and level while at Zapier.

Identify & Mitigate Risks: Spot and address security gaps in infrastructure to improve resilience and reduce risk.

Harden Infrastructure: Apply secure-by-default designs across endpoints, tooling, and processes.

Build Scalable Processes: Collaborate on paved-path tooling and processes that enforce least-privilege access while enabling engineering velocity.

Develop & Audit IaC: Improve Terraform/CloudFormation configurations for security, scalability, and reliability.

Triage Fleet Security Posture: Operate and maintain tools that detect and track misconfigurations and vulnerabilities; ensure timely patching and mitigation.

Collaborate Across Teams: Partner with Platform, Engineering, and other Security teams to provide guidance and ad hoc support.

What We’re Working On
Library Image & Terraform Standardization: Creating consistent, secure Docker images and IaC modules.

Vulnerability Management & Patching: Improving detection, triage, and remediation pipelines for complex infrastructure.

Security Automation: Expanding automated guardrails for developers to ship securely and quickly.