Our co-founders started Zip in 2020 to address this seemingly intractable problem with a purpose-built platform that provides a simple, consumer-grade user experience. Within just a few short years, Zip created the procurement orchestration category and developed the leading solution in this $50B+ TAM space. Today, leading companies like Instacart, Anthropic, Sephora, Discover, Reddit, and Lyft rely on Zip to manage billions of dollars in spend.
We're a fast-growing team that helped scale category-defining companies like Airbnb, Meta, Salesforce, Databricks, Ramp, Apple, and Google. With a $2.2 billion valuation and $370 million in funding from Y Combinator, BOND, DST Global, and CRV, we’re focused on developing cutting-edge technology, expanding into new global markets, and—above all–driving incredible value for our customers. Join us!
As an Information Security Analyst, you will play a crucial role in maintaining the security and compliance posture of Zip. We’re looking for someone who has a problem solver mindset with the ability to drive tasks to completion in an evolving business environment. You will primarily focus on scaling Zip’s information security program, such as improving SaaS app security, managing employee IAM, and responding to anomalous events.
Administer corporate identity and security infrastructure, such as Okta and MDM
Identify and remediate risks, such as misconfigurations and excessive permissions, in enterprise SaaS apps and integrations
Analyze, tune, and create detections and workflows in Zip’s SIEM and SOAR
Perform periodic security activities, such as rotating secrets and conducting user access reviews
Automate and up-level technical controls for IT processes, such as onboarding/offboarding and asset management
Develop and conduct specialized security awareness training programs for employees
2+ years of experience in an information security role
Familiarity with SaaS apps (Google Workspace, Slack, Zoom, Salesforce, etc), employee IAM (Okta/Azure AD), and security tools (Crowdstrike, Jamf/MDM, email gateways)
An understanding of core networking, security, and IAM concepts, such as IP addresses, networks/subnets, MDM, VPN/Zero Trust, SIEM, and SSO/SCIM
Basic proficiency in scripting, such as using bash or tools like curl to make API requests for automation and troubleshooting
Strong communication skills, with the ability to convey security concepts to non-technical audiences
The salary range for this role is $90,000 - $105,000. The salary for this position is determined based on a variety of job-related factors that may include location, relevant experience, education, or particular skills and expertise.
At Zip, we’re committed to providing our employees with everything they need to do their best work.
📈 Start-up equity
🦷 Full health, vision & dental coverage
🍽️ Catered lunches & dinners for SF employees
🚍 Commuter benefit
🚠 Team building events & happy hours
🌴 Flexible PTO
💻 Apple equipment plus home office budget
💸 401k plan
We're looking to hire Zipsters and that means hiring people who take ownership, communicate openly, have an underdog mindset, and are excited to increase the pace of innovation for every business in the world. We encourage all candidates to apply even if your experience doesn't exactly match up to our job description. We are committed to building a diverse and inclusive workspace where everyone (regardless of age, religion, ethnicity, gender, sexual orientation, and more) feels like they belong. We look forward to hearing from you!