Senior Application Security Engineer
Senior Application Security Engineer
Zip
Zip is seeking a Senior Application Security Engineer to join their Security team, responsible for protecting customer data and building security initiatives. The role involves designing technical controls, supporting secure product development, and mentoring team members. Zip is a rapidly growing procurement platform with a strong focus on technology and customer value.
Qualification
- Experience writing production-quality code for security tooling and services
- Strong written and verbal communication with internal and external stakeholders
- A solid understanding of security risks and the ability to balance security with business requirements
- Experience with web applications, APIs, and cloud environments
- Familiarity with compliance frameworks such as SOC 2, ISO 27001, and FedRAMP
Responsibility
- Design and implement technical controls to eliminate or mitigate classes of security vulnerabilities.
- Support the development of secure products through design reviews, threat models, static/dynamic scans, and hands-on security assessments.
- Validate, triage, and coordinate security findings from bug bounty and third-party pentests.
- Mentor security analysts and security champions on security best practices and techniques.
