TechJobBoard
Why TechJobBoard?

Zuora

Security Engineer

at Zuora

Costa Rica


Company Overview

At Zuora, we do Modern Business. We’re helping people subscribe to new ways of doing business that are better for people, companies and ultimately the planet. It’s an approach resulting from the shift to the Subscription Economy that puts customers first by building recurring relationships instead of one-time product sales and focuses on sustainable growth. Through our leading expertise and multi-product suite, we are transforming all industries and working with the world’s most innovative companies to monetize new business models, nurture subscriber relationships and optimize their digital experiences.


The Opportunity

Are you excited by the challenge of securing large-scale, cloud-native platforms that power mission-critical billing and revenue systems around the world? As an Infrastructure Security leader at Zuora, you’ll own and evolve the security posture of our modern, distributed infrastructure—protecting the foundation that our customers rely on every day.

 

You’ll design and implement automated, AI-driven security controls for our AWS- and Azure-based environments, partnering closely with engineering, SRE, and operations teams to embed security into how we build and run software. You’ll have significant influence on our cloud security strategy, from zero-trust and detection engineering to vulnerability management and incident response.

 

This is a hands-on, senior individual contributor role with leadership expectations: you’ll set technical direction, mentor others, and help drive a global, follow-the-sun security operations model. If you’re looking to work with modern tooling (CSPM, CWPP, SOAR, EDR/XDR, Kubernetes security, IaC security, AI/ML-based automation) and want your work to materially reduce risk for thousands of customers, this role is for you.

 

*This is a hybrid position, so you'll work both remotely and in the office.

 

About You

You’re a senior security engineer or architect with deep experience securing large-scale cloud environments and a track record of turning security strategy into practical, automated solutions. You’re comfortable operating across infrastructure, applications, and operations, and you enjoy partnering with teams to build secure-by-design systems.

 

Experience & background

  • Typically 8+ years of progressive experience in infrastructure security, security operations, or security engineering.
  • 3–5+ years of hands-on experience with AWS and/or Azure security, including Infrastructure-as-Code (IaC) tooling (e.g., Terraform, CloudFormation).
  • Experience with containerized workloads and orchestrators such as EKS, ECS, or Kubernetes.
  • Proven experience in security incident handling, root cause analysis, and operational incident management in a 24/7 environment.
  • Experience running or contributing to an infrastructure vulnerability management program (discovery, prioritization, remediation, reporting).
  • Practical experience using automation and/or AI to improve security operations (e.g., SOAR playbooks, code-driven guardrails, detection-as-code).


Technical skills

  • Strong understanding of security fundamentals, including operating system internals, networking, cryptographic protocols, and attack surface reduction.
  • Proficiency in at least one scripting language (e.g., Python, PowerShell, Bash, or similar) for automation and tooling.
  • Hands-on experience with modern security platforms, such as:
    • SIEM, SOAR, CSPM, DSPM, CDR, CWPP, EDR/XDR
  • Solid knowledge of cloud-native security services:
    • Examples: IAM, encryption and key management, AWS GuardDuty, WAF, Security Hub, Config, etc.
  • Familiarity with web application security (e.g., OWASP Top 10) and common mitigation patterns.
  • Comfortable with Linux systems administration and troubleshooting in production environments.

 

Soft skills & ways of working

  • Strong problem-solving and analytical skills; able to prioritize impact over noise.
  • Excellent written and verbal communication, including clear documentation and stakeholder updates.
  • Ability to collaborate effectively with distributed, cross-functional teams (engineering, SRE, operations, customer support).
  • Proven ability to lead through influence, mentor others, and help build a high-performance, learning-oriented security culture.
  • High attention to detail, with the ability to stay calm and organized under pressure.

 

Nice to have (not required):

  • Security certifications such as AWS Certified Security – Specialty, Azure Security Engineer Associate, or similar industry credentials.
  • Experience in Agile environments and applying Agile practices to security engineering and operations.
  • Prior experience in SaaS or other multi-tenant, highly available cloud services.

 

If you don’t meet every single requirement but are excited about the role and believe you can make an impact, we encourage you to apply.

About the Team

Zuora’s Security organization is responsible for safeguarding our global SaaS platform and cloud infrastructure. We operate a follow-the-sun model across the US, Asia, and India to provide 24/7/365 protection for Zuora’s products, services, and customers.

Within this organization, the Infrastructure Security team focuses on securing Zuora’s foundational systems, services, and environments. The team:

  • Designs and implements cloud-native security controls and guardrails that enable teams to move fast, safely.
  • Partners closely with infrastructure, SRE, platform engineering, and application teams to embed security into architecture, development, and operations.
  • Builds scalable automation and leverages AI/ML to reduce manual toil, improve detection quality, and shorten time-to-remediation.
  • Continuously monitors for emerging threats and collaborates with incident response and threat intelligence functions.

You’ll join a team that values curiosity, ownership, and collaboration, and that is constantly iterating on how we detect, prevent, and respond to threats in a rapidly evolving landscape.

What you’ll do

In this role, you will:

  • Design and implement automated, AI-assisted security controls to harden our AWS and Azure infrastructure, reduce risk, and improve operational efficiency.
  • Serve as a technical leader for infrastructure security: shaping standards, patterns, and best practices across cloud accounts, Kubernetes clusters, and core services.
  • Partner with engineering, SRE, and operations teams to understand architectures and build practical, scalable security solutions that enable—not block—delivery.
  • Lead or contribute to threat modeling, architecture reviews, and design consultations for new or evolving systems.
  • Operate and tune security tooling (CSPM, CWPP, SOAR, EDR/XDR, IaC security, Kubernetes security, etc.), ensuring high signal-to-noise and actionable insights.
  • Drive continuous vulnerability management across infrastructure:
    • Own or support discovery, risk-based prioritization, remediation plans, and executive reporting.
  • Help shape and execute our detection and response strategy:
    • Develop and improve detections, triage playbooks, and automated response workflows.
    • Participate in and help lead incident response activities when needed.
  • Contribute to a global on-call rotation, ensuring high-quality coverage and timely response as part of our follow-the-sun operations model.
  • Create and maintain clear documentation, standards, and runbooks that help scale best practices across Zuora.
  • Mentor other engineers and contribute to a culture of continuous learning and improvement.

 

#ZEOLife at Zuora

At Zuora, we’re constantly learning, innovating, and growing. Our people—known as ZEOs—are empowered to take ownership, challenge the status quo, and make a lasting impact.

We collaborate deeply, think boldly, and support one another to make what’s next possible—for our customers, our communities, and each other.

We offer:

  • Competitive compensation, bonus opportunities, and retirement programs
  • Comprehensive medical, dental, and vision coverage
  • Generous, flexible time off
  • Paid holidays, wellness days, and a company-wide year-end break
  • Paid parental leave
  • Learning & development stipend
  • Opportunities to give back, including volunteer time and donation matching
  • Mental wellbeing resources and support

(Benefits may vary by location; details will be shared during the interview process.)

Location & Work Arrangements

Zuora teams are empowered to design flexible, intentional ways of working. Whether remote, hybrid, or in-office, we balance flexibility with accountability—to each other, our customers, and our mission.

For most roles, you’ll have the freedom to work where you’re most productive while staying connected to your team and the broader ZEO community.

Our Commitment to an Inclusive Workplace

Think, be and do you! At Zuora, different perspectives, experiences and contributions matter. Everyone counts. Zuora is proud to be an Equal Opportunity Employer committed to creating an inclusive environment for all.

Zuora does not discriminate on the basis of, and considers individuals seeking employment with Zuora without regards to, race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.

We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance@zuora.com

TechJobBoard

Search open jobs in the tech industry faster and find your match.

© 2023 TechJobBoard. All rights reserved.