Engineer - Infrastructure Security
About Zapier
We're humans who simply think computers should do more work.
At Zapier, we’re not just making software—we’re building a platform to help millions of businesses globally scale with automation and AI. Our mission is to make automation work for everyone by delivering products that delight our customers. You’ll collaborate with brilliant people, use the latest tools, and leverage the flexibility of remote work. Your work will directly fuel our customers’ success, and as they grow, so will you.
Job Posted: 08/15/2025
Location: NAMER - East Coast Preferred
Hi there!
Zapier is on a mission to democratize automation while protecting the security and privacy of millions of users worldwide. We safeguard sensitive data and build trust through robust security measures that enable our teams to move fast, safely.
We’re looking for an Infrastructure Security Engineer to help maintain and raise the security bar across our production environments. In this role, you’ll contribute to designing and operating secure infrastructure, collaborating closely with senior engineers while taking ownership of well-defined initiatives. This role is ideal for someone with a strong infrastructure security foundation who’s ready to grow in a high-impact, remote-first environment.
About You
Cloud Security Experience: You have hands-on experience securing SaaS products and maintaining compliance with frameworks like SOC2, ISO27001, or HIPAA/HITRUST.
You have an understanding of modern cloud technology components and deployment patterns: Proficient with Infrastructure-as-Code (Terraform, CloudFormation), AWS, Python, and Kubernetes. Experience with security tools such as CSPM, vulnerability scanners, and lifecycle management solutions.
Security Mindset: You understand modern deployment patterns (isolated VMs, k8s, serverless) and can identify and mitigate common cloud security risks.
Collaborative Approach: You work well with senior engineers, platform teams, and other security specialists, and you’re comfortable asking questions, sharing ideas, and learning from others.
Remote-Ready: You excel in asynchronous communication and self-manage effectively in a fully remote, distributed team.
Adaptable: You’ve experienced the pace of a growing company and can adjust processes and tools to fit evolving needs.
Things You’ll Do
Identify & Mitigate Risks: Spot and address security gaps in infrastructure to improve resilience and reduce risk.
Harden Infrastructure: Apply secure-by-default designs across endpoints, tooling, and processes.
Build Scalable Processes: Collaborate on paved-path tooling and processes that enforce least-privilege access while enabling engineering velocity.
Develop & Audit IaC: Improve Terraform/CloudFormation configurations for security, scalability, and reliability.
Triage Fleet Security Posture: Operate and maintain tools that detect and track misconfigurations and vulnerabilities; ensure timely patching and mitigation.
Collaborate Across Teams: Partner with Platform, Engineering, and other Security teams to provide guidance and ad hoc support.
What We’re Working On
Library Image & Terraform Standardization: Creating consistent, secure Docker images and IaC modules.
Vulnerability Management & Patching: Improving detection, triage, and remediation pipelines for complex infrastructure.
Security Automation: Expanding automated guardrails for developers to ship securely and quickly.
How to Apply
At Zapier, we believe that diverse perspectives and experiences make us better, which is why we have a non-standard application process designed to promote inclusion and equity. We're looking for the best fit for each of our roles, regardless of the type of companies in your background, so we encourage you to apply even if your skills and experiences don’t exactly match the job description. All we ask is that you answer a few in-depth questions in our application that would typically be asked at the start of an interview process. This helps speed things up by letting us get to know you and your skillset a bit better right out of the gate. Please be sure to answer each question; the resume and CV fields are optional.
Education is not a requirement for our roles; however, if you receive an offer, you will need to include your most recent educational experience as part of our background check process.
After you apply, you are going to hear back from us—even if we don’t see an immediate fit with our team. In fact, throughout the process, we strive to never go more than seven days without letting you know the status of your application. We know we’ll make mistakes from time to time, so if you ever have questions about where you stand or about the process, just ask your recruiter!
Zapier is an equal-opportunity employer and we're excited to work with talented and empathetic people of all identities. Zapier does not discriminate based on someone's identity in any aspect of hiring or employment as required by law and in line with our commitment to Diversity, Inclusion, Belonging and Equity. Our code of conduct provides a beacon for the kind of company we strive to be, and we celebrate our differences because those differences are what allow us to make a product that serves a global user base. Zapier will consider all qualified applicants, including those with criminal histories, consistent with applicable laws.
Zapier prioritizes the security of our customers' information and is dedicated to adhering to all applicable data privacy laws. You can review our privacy policy here.
Zapier is committed to inclusion. As part of this commitment, Zapier welcomes applications from individuals with disabilities and will work to provide reasonable accommodations. If reasonable accommodations are needed to participate in the job application or interview process, please contact jobs@zapier.com.
Application Deadline:
The anticipated application window is 30 days from the date job is posted, unless the number of applicants requires it to close sooner or later, or if the position is filled.
Even though we’re an all-remote company, we still need to be thoughtful about where we have Zapiens working. Check out this resource for a list of countries where we currently cannot have Zapiens permanently working.
About the job
Apply for this position
Engineer - Infrastructure Security
About Zapier
We're humans who simply think computers should do more work.
At Zapier, we’re not just making software—we’re building a platform to help millions of businesses globally scale with automation and AI. Our mission is to make automation work for everyone by delivering products that delight our customers. You’ll collaborate with brilliant people, use the latest tools, and leverage the flexibility of remote work. Your work will directly fuel our customers’ success, and as they grow, so will you.
Job Posted: 08/15/2025
Location: NAMER - East Coast Preferred
Hi there!
Zapier is on a mission to democratize automation while protecting the security and privacy of millions of users worldwide. We safeguard sensitive data and build trust through robust security measures that enable our teams to move fast, safely.
We’re looking for an Infrastructure Security Engineer to help maintain and raise the security bar across our production environments. In this role, you’ll contribute to designing and operating secure infrastructure, collaborating closely with senior engineers while taking ownership of well-defined initiatives. This role is ideal for someone with a strong infrastructure security foundation who’s ready to grow in a high-impact, remote-first environment.
About You
Cloud Security Experience: You have hands-on experience securing SaaS products and maintaining compliance with frameworks like SOC2, ISO27001, or HIPAA/HITRUST.
You have an understanding of modern cloud technology components and deployment patterns: Proficient with Infrastructure-as-Code (Terraform, CloudFormation), AWS, Python, and Kubernetes. Experience with security tools such as CSPM, vulnerability scanners, and lifecycle management solutions.
Security Mindset: You understand modern deployment patterns (isolated VMs, k8s, serverless) and can identify and mitigate common cloud security risks.
Collaborative Approach: You work well with senior engineers, platform teams, and other security specialists, and you’re comfortable asking questions, sharing ideas, and learning from others.
Remote-Ready: You excel in asynchronous communication and self-manage effectively in a fully remote, distributed team.
Adaptable: You’ve experienced the pace of a growing company and can adjust processes and tools to fit evolving needs.
Things You’ll Do
Identify & Mitigate Risks: Spot and address security gaps in infrastructure to improve resilience and reduce risk.
Harden Infrastructure: Apply secure-by-default designs across endpoints, tooling, and processes.
Build Scalable Processes: Collaborate on paved-path tooling and processes that enforce least-privilege access while enabling engineering velocity.
Develop & Audit IaC: Improve Terraform/CloudFormation configurations for security, scalability, and reliability.
Triage Fleet Security Posture: Operate and maintain tools that detect and track misconfigurations and vulnerabilities; ensure timely patching and mitigation.
Collaborate Across Teams: Partner with Platform, Engineering, and other Security teams to provide guidance and ad hoc support.
What We’re Working On
Library Image & Terraform Standardization: Creating consistent, secure Docker images and IaC modules.
Vulnerability Management & Patching: Improving detection, triage, and remediation pipelines for complex infrastructure.
Security Automation: Expanding automated guardrails for developers to ship securely and quickly.
How to Apply
At Zapier, we believe that diverse perspectives and experiences make us better, which is why we have a non-standard application process designed to promote inclusion and equity. We're looking for the best fit for each of our roles, regardless of the type of companies in your background, so we encourage you to apply even if your skills and experiences don’t exactly match the job description. All we ask is that you answer a few in-depth questions in our application that would typically be asked at the start of an interview process. This helps speed things up by letting us get to know you and your skillset a bit better right out of the gate. Please be sure to answer each question; the resume and CV fields are optional.
Education is not a requirement for our roles; however, if you receive an offer, you will need to include your most recent educational experience as part of our background check process.
After you apply, you are going to hear back from us—even if we don’t see an immediate fit with our team. In fact, throughout the process, we strive to never go more than seven days without letting you know the status of your application. We know we’ll make mistakes from time to time, so if you ever have questions about where you stand or about the process, just ask your recruiter!
Zapier is an equal-opportunity employer and we're excited to work with talented and empathetic people of all identities. Zapier does not discriminate based on someone's identity in any aspect of hiring or employment as required by law and in line with our commitment to Diversity, Inclusion, Belonging and Equity. Our code of conduct provides a beacon for the kind of company we strive to be, and we celebrate our differences because those differences are what allow us to make a product that serves a global user base. Zapier will consider all qualified applicants, including those with criminal histories, consistent with applicable laws.
Zapier prioritizes the security of our customers' information and is dedicated to adhering to all applicable data privacy laws. You can review our privacy policy here.
Zapier is committed to inclusion. As part of this commitment, Zapier welcomes applications from individuals with disabilities and will work to provide reasonable accommodations. If reasonable accommodations are needed to participate in the job application or interview process, please contact jobs@zapier.com.
Application Deadline:
The anticipated application window is 30 days from the date job is posted, unless the number of applicants requires it to close sooner or later, or if the position is filled.
Even though we’re an all-remote company, we still need to be thoughtful about where we have Zapiens working. Check out this resource for a list of countries where we currently cannot have Zapiens permanently working.