🛠 Tech Stack

💼 About This Role

You'll own security outcomes for Zipline's application and cloud ecosystem, partnering with engineering teams on secure architecture and threat modeling. You'll help scale a pragmatic secure SDLC, improve cloud security posture, and drive vulnerability management. This role stands out by addressing secure AI-assisted engineering workflows and real-world autonomy + robotics security problems.

🎯 What You'll Do

• Partner with engineering teams on secure architecture and threat modeling.
• Build and scale pragmatic secure SDLC: CI/CD hardening, supply-chain controls, secrets management.
• Improve cloud security posture: IAM, least privilege, network trust, key management, logging, runtime detection.
• Drive vulnerability management: triage, exploitability analysis, remediation, verification.

📋 Requirements

• 8+ years designing, building, and operating security controls for large-scale production systems.
• Hands-on ability to write and ship code/tools in Python, Go, or similar.
• Practical experience securing microservice architectures and modern cloud stacks (containers/Kubernetes, IAM, CI/CD).
• Skeptical mindset: naturally ask what's the failure mode and how will this be abused.

✨ Nice to Have

• Experience with secure AI-assisted and agentic engineering workflows.
• Familiarity with NIST AI Risk Management Framework or OWASP Top 10 for LLM Applications.
• Experience in regulated or health-adjacent environments.

🎁 Benefits & Perks

• 🏖️ Unlimited PTO
• 🏥 Comprehensive health insurance
• 💰 Equity grants
• 🚀 Growth opportunities in a fast-scaling company
• 🌍 Mission-driven work with global impact

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Technical Interview· 60 min
3. 3Hiring Manager Interview· 45 min