Engineer, Cloud Security

Engineer, Cloud Security   Hi there!   We're looking for an experienced, hands-on Cloud Security Engineer to join our Security Zone at Zapier and help us to build a comfy stronghold. Zapier is on a mission to democratize automation. Over 5 million professionals already use Zapier to save more time, but there are millions more to reach. We owe it to our customers to be a responsible steward of their data and keep it safe and private.   Are you interested in working with a team that thrives on ownership where you go default to action on your ideas and own them from start to finish? And you are happy to grab the keyboard and implement your ideas? Do you want to be part of a growing cloud security program for a fast-growing and powerful automation tool, called Zapier? Then read on…   If you’re interested in advancing your career at a fast-growing, profitable, impact-driven company, then read on…   Our Commitment to Applicants Culture and Values at Zapier Zapier Guide to Remote Work Zapier Code of Conduct Diversity and Inclusivity at Zapier   About You

• You have deep AWS cloud infrastructure security experience. Keeping the cloud resources that support our core Zapier application secure is at the heart of this role. Zapier is a SaaS product, so experience building software and administering cloud infrastructure under a similar model is a must. Working in a SOC2 and/or ISO27001 or HIPAA/HITRUST compliant environment is a plus.
• You have worked with teams before on large Python, AWS, & Kubernetes projects. You’re also familiar with some common frameworks such as Django, Flask, or Rails. You've also worked extensively in AWS. Deep knowledge in working with Kubernetes or other containerization technologies is a big plus.
• You're a doer. You have managed complex cloud security infrastructures with minimal guidance. Familiarity with the AWS security best practice frameworks and how to utilize them for enhancing the security of a cloud environment.
• You love to collaborate, and give a hand when needed. In this role, you're not going to be just an advisor; you can and will get your hands dirty. You love to work with others, to give and take feedback and work together on a vision to raise security maturity.
• You are friendly and patient, welcoming, considerate, and respectful. Learn more about these attributes in our code of conduct.

  Things You’ll Do Zapier is a fast-growing, and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:

• You will take ownership of parts of the CloudSec Program, focusing on an ever-evolving security maturity model that helps us to prioritize our work and improve our cloud security. If you like this or this, you will find this role very interesting.
• You will take ownership of the AWS organizations setup, the SSO permissions model, and connected areas (e.g. terraform), but not exclusively work in this area
• For cross-team projects, you might work shoulder to shoulder embedded into our SRE team.
• This is a hands-on role, so you'll write some python and work within terraform, AWS, and more. If you love automation, you will love this role.
• Identify where we can add more layers of defense in depth and implement them.
• Build internal tooling to ensure safe data access patterns for Zapier employees.
• Locating weak points across Zapier and strengthening them.

You’ll also have the opportunity to specialize in various areas of the Zapier IaC codebase, including core platform development. Focusing on a specialization will not limit your area for growth at Zapier, as each engineer brings a unique perspective and can contribute differently in all areas. We encourage participation and will frequently have engineers contribute across teams to assist in projects.   The Whole Package Location: USA, Canada (EST or CST preferred)   Our flexible, distributed environment lets us work with the best people from around the world. Zapiens live in 40+ countries, including the United Kingdom, Thailand, India, Nigeria, Taiwan, Guatemala, New Zealand, Australia, and more!   Zapier offers:

• Competitive salary and profit-sharing program
• Equity for All: Stock options (or equivalent) for every Zapien
• Healthcare + dental + vision coverage*
• Retirement plan with 4% company match*
• $2,000 annual learning stipend for use on courses, conferences, and more—your choice
• Two annual all-company retreats
• 14 weeks paid leave for new parents of biological or adopted children
• Customized Zapiversary rewards on your 1, 3, 5, 7 and 10 year work anniversaries
• Leading-edge equipment. We set you up with an Apple laptop and provide an additional budget for you to choose other home office accessories and software you may need.
• Time to renew. We encourage Zapiens to take at least 2 weeks off each year. Most of us take 4-5 weeks, in addition to locally recognized holidays.
• Opportunity to work with Zapier’s amazing partners network

  *While we take care of Zapiens around the world the best we can, healthcare and retirement plans are currently available specifically in the UK, Canada, New Zealand, Australia, and United States.   How to Apply   We have a non-standard application process designed to promote inclusion and equity. We first ask a few questions in our application form that would typically be asked at the start of an initial interview. This helps speed up the process and lets us get to know you a bit better right out of the gate. Please be sure to answer each question; the resume and CV fields are optional.   After you apply, you are going to hear back from us—even if we don’t see an immediate fit with our team. In fact, throughout the process, we strive to make sure you never go more than seven days without hearing from us.   Zapier is an equal opportunity employer. We're excited to work with talented and empathetic people, and do not discriminate based on race, color, sex, gender identity or expression, sexual orientation, religion, national origin, physical or mental disability, military or veteran status, genetic information, pregnancy, age, or any other status protected by local law. Our code of conduct provides a beacon for the kind of company we strive to be, and we celebrate our differences because those differences are what allow us to make a product that serves a global user base.   Zapier is is committed to inclusion. As part of this commitment, Zapier will ensure that people with disabilities are provided reasonable accommodations. If reasonable accommodations are needed to participate in the job application or interview process, please contact jobs@zapier.com.