Security Engineer

3 Months ago • 5 Years + • Cyber Security

Job Summary

Job Description

The Security Engineer will collaborate with teams across a global organization to support the adoption and implementation of secure software development practices and tooling. They will contribute hands-on to engineering and tooling projects, mentor engineers, and influence architectural decisions. The role involves designing and developing security components, defining and promoting security best practices, participating in code reviews, and evaluating security tools. This role requires strong communication skills and collaboration with various teams throughout the SDLC. This role is part of a growing presence in Sydney and offers the opportunity to shape and scale security practices globally.
Must have:
  • 5+ years of experience in application security
  • Strong understanding of secure software development
  • Experience in security design and code reviews
  • Familiarity with common application vulnerabilities
  • Experience with security tools (SAST, DAST, SCA)
  • Ability to communicate security concepts effectively
Good to have:
  • Experience with AWS security best practices
  • Background in DevSecOps or security automation
  • Familiarity with Bug Bounty programs
  • Experience with regulatory frameworks (ISO 27001, etc.)
  • Programming or scripting skills (Python, JavaScript, etc.)
Perks:
  • Competitive compensation and bonus opportunities
  • Medical, dental and vision insurance
  • Generous, flexible time off
  • Paid holidays and company-wide break
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back
  • Free resources and support for mental wellbeing

Job Details

Company Overview

At Zuora, we do Modern Business. We’re helping people subscribe to new ways of doing business that are better for people, companies and ultimately the planet. It’s an approach resulting from the shift to the Subscription Economy that puts customers first by building recurring relationships instead of one-time product sales and focuses on sustainable growth. Through our leading expertise and multi-product suite, we are transforming all industries and working with the world’s most innovative companies to monetize new business models, nurture subscriber relationships and optimize their digital experiences.

 

The Team & Role

Zuora’s Application Security & Security Engineering team partners closely with engineering to embed security into the software development lifecycle through scalable tools, processes, and culture.

As an Application Security Engineer, you’ll work hands-on with developers and architects to drive secure design, build security automation, and support critical projects across our cloud-native platform. This role is part of our growing presence in Sydney and offers the opportunity to shape and scale security practices globally.

This is a hybrid position, so you’ll work both remotely and in the office.

 

Our Tech Stack: Java, Spring, Rest API, Microservices, Kafka, Spark, NodeJS, AWS, Kubernetes, Terraform, AngularJS 

 

What you’ll do

  • Collaborate with teams across a global organization to support the adoption and implementation of secure software development practices and tooling.
  • Contribute hands-on to critical engineering and tooling projects, working closely with technical leads and product owners to ensure security is a key part of successful project outcomes.
  • Mentor engineers and influence architectural decisions to ensure security is embedded by design.
  • Design and develop reusable, flexible security components and APIs to support scalable, secure application development across the company.
  • Define and promote best practices to ensure software security without compromising functionality, usability, reliability, or availability.
  • Participate in design and code reviews, providing actionable security recommendations as needed.
  • Collaborate with project teams to design and prototype secure solutions, validating key assumptions and security objectives.
  • Evaluate, implement, and support a range of security tools to improve visibility and reduce risk.
  • Build strong relationships and communicate effectively with stakeholders throughout the SDLC, including Product, Engineering, and Operations teams.

 

Your experience

  • 5+ years of experience in application security, software development, or a related engineering role.
  • Strong understanding of secure software development practices, including experience working with developers to embed security into the SDLC.
  • Hands-on experience conducting security design reviews, threat modeling, and code reviews for web and cloud-based applications.
  • Familiarity with common application vulnerabilities (e.g., OWASP Top 10) and experience in identifying and remediating them.
  • Experience working with security tools such as SAST, DAST, SCA, and container security scanners.
  • Ability to communicate security concepts effectively to both technical and non-technical stakeholders.

 

Nice to haves:

  • Experience with AWS security best practices and securing cloud-native architectures.
  • Background in DevSecOps or building security automation into CI/CD pipelines.
  • Familiarity with Bug Bounty triage or managing responsible disclosure programs.
  • Experience with regulatory frameworks (e.g., ISO 27001, SOC 2, or GDPR) as they relate to product security.
  • Programming or scripting skills (e.g., Python, JavaScript, or Go) to build internal tools or automation.

 

#ZEOLife at Zuora

As an industry pioneer, our work is constantly evolving and challenging us in new ways that require us to think differently, iterate often and learn constantly—it’s exciting. Our people, whom we refer to as “ZEOs” are empowered to take on a mindset of ownership and make a bigger impact here. Our teams collaborate deeply, exchange different ideas openly and together we’re making what’s next possible for our customers, community and the world. 

 

As part of our commitment to building an inclusive, high-performance culture where ZEOs feel inspired, connected and valued, we support ZEOs with:

  • Competitive compensation, variable bonus and performance reward opportunities, and retirement programs
  • Medical, dental and vision insurance
  • Generous, flexible time off 
  • Paid holidays, “wellness” days and company wide end of year break
  • 6 months fully paid parental leave 
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing  

 

Specific benefits offerings may vary by country and can be viewed in more detail during your interview process.

 

Location & Work Arrangements

Organizations and teams at Zuora are empowered to design efficient and flexible ways of working, being intentional about scheduling, communication, and collaboration strategies that help us achieve our best results. In our dynamic, globally distributed company, this means balancing flexibility and responsibility — flexibility to live our lives to the fullest, and responsibility to each other, to our customers, and to our shareholders. For most roles, we offer the flexibility to work both remotely and at Zuora offices.

 

Our Commitment to an Inclusive Workplace

Think, be and do you! At Zuora, different perspectives, experiences and contributions matter. Everyone counts. Zuora is proud to be an Equal Opportunity Employer committed to creating an inclusive environment for all.

 

Zuora does not discriminate on the basis of, and considers individuals seeking employment with Zuora without regards to, race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.

 

We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance(at)zuora.com.

Similar Jobs

PwC - Manager, IA Risk Consulting Advisory

PwC

Mumbai, Maharashtra, India (On-Site)
3 Weeks ago
Pluralsight - Business Development Representative

Pluralsight

Westlake, Texas, United States (Hybrid)
3 Weeks ago
bounteous - Associate Creative Director

bounteous

Canada (Remote)
1 Month ago
Tesla - Senior Account Manager, Powerwall Italy

Tesla

Milan, Lombardy, Italy (On-Site)
5 Months ago
Brainrider - Talent Bench

Brainrider

United States (Remote)
1 Month ago
LeoVegas - Senior Information Security GRC Analyst

LeoVegas

Sliema, Malta (On-Site)
4 Weeks ago
Two Circles - Cyber Security Operations Manager

Two Circles

London, England, United Kingdom (Hybrid)
3 Months ago
Yggdrasil Sandbox - Information Security and Data Protection Specialist

Yggdrasil Sandbox

St. Julian's, Malta (On-Site)
2 Months ago
Rackspace Technology - Security Engineer L3 (Endpoint Security)

Rackspace Technology

Gurugram, Haryana, India (Remote)
4 Months ago
Assystems - Cyber Security Officer

Assystems

Al Khobar, Eastern Province, Saudi Arabia (On-Site)
4 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

shiro games - Senior Game Programmer

shiro games

Bordeaux, Nouvelle-Aquitaine, France (On-Site)
2 Months ago
Hitachi - Technical Consultant - F&O (For Pooling)

Hitachi

Bangkok, Thailand (On-Site)
1 Month ago
Revenera - Senior Site Reliability Engineer

Revenera

Bengaluru, Karnataka, India (On-Site)
3 Months ago
USE Insider - Technical Integration Specialist

USE Insider

Istanbul, İstanbul, Türkiye (On-Site)
1 Year ago
gitlab - Intermediate Support Engineer (APAC) - Shift

gitlab

Australia (Remote)
3 Weeks ago
Zuora - Solution Architect, Revenue Accounting

Zuora

Atlanta, Georgia, United States (Hybrid)
3 Months ago
Epic Games - Data Analyst - CorpTech Analytics

Epic Games

Cary, North Carolina, United States (On-Site)
4 Months ago
Marsh McLennan - Employee benefit associate

Marsh McLennan

Toronto, Ontario, Canada (Hybrid)
1 Month ago
PwC - ETIC, Data Solution Architect - Senior Manager

PwC

Cairo, Cairo Governorate, Egypt (On-Site)
9 Months ago
Trek - IT Procurement Analyst - Level I

Trek

Haryana, India (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Sydney, New South Wales, Australia

Survay Monkey - Account Executive - New Business

Survay Monkey

Australia (Remote)
3 Weeks ago
Telastra - Telstra Retail: Part Time Customer Service & Sales Consultant

Telastra

Moranbah, Queensland, Australia (On-Site)
3 Weeks ago
Telastra - Senior Full Stack Developer

Telastra

Australia (On-Site)
3 Weeks ago
playside studios - UI Artist

playside studios

Melbourne, Victoria, Australia (Remote)
2 Months ago
Rippling - Senior Manager, Implementation APAC

Rippling

Sydney, New South Wales, Australia (Hybrid)
1 Month ago
Thales - Logistics and Warehouse Employee

Thales

Eden, New South Wales, Australia (On-Site)
3 Months ago
Cubic corporation - Exercise and Simulation Control (EXCON/SIMCON) Technician

Cubic corporation

Sydney, New South Wales, Australia (On-Site)
1 Year ago
foxi ventures - UX Designer

foxi ventures

Adelaide, South Australia, Australia (On-Site)
3 Months ago
Thales - Senior Project Engineer

Thales

Benalla, Victoria, Australia (On-Site)
3 Months ago
Miro - IT Administrator

Miro

Sydney, New South Wales, Australia (On-Site)
1 Week ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

Rackspace Technology - Sr. Cloud Security Engineer

Rackspace Technology

United States (Remote)
1 Week ago
GoTo Group - Senior Cloud Security Engineer - CISO

GoTo Group

Jakarta, Jakarta, Indonesia (On-Site)
1 Month ago
appier - Security Engineer

appier

Taipei City, Taiwan (On-Site)
3 Weeks ago
Anavation - Information System Security Engineer

Anavation

Huntsville, Alabama, United States (On-Site)
1 Month ago
Thales - Consultant Cybersecurity Architect

Thales

Lyon, Auvergne-Rhône-Alpes, France (Hybrid)
2 Months ago
Twitch - Senior Security Engineer

Twitch

Los Angeles, California, United States (On-Site)
1 Month ago
Devoteam - Cybersecurity Architect

Devoteam

Porto, Porto District, Portugal (On-Site)
1 Month ago
Ion - Junior Cyber Security Analyst

Ion

Pisa, Tuscany, Italy (Hybrid)
10 Months ago
Apple - Security Compliance Engineer - Knowledge Management

Apple

Cupertino, California, United States (On-Site)
2 Months ago
Thales - Intern - Trainer (Cybersecurity)

Thales

Fredericton, New Brunswick, Canada (On-Site)
2 Weeks ago

Get notifed when new similar jobs are uploaded

About The Company

15 years ago, Zuora was born out of a vision that we could evangelize a fundamentally new way of doing business by shifting the focus of companies to deliver recurring, people-centric services instead of a one-time sale of products. This is how we coined the term, the Subscription Economy®.


Today, we see others evangelizing this term, and building entire communities around it. The Subscription Economy isn’t (and never was) just about subscription business models but, direct, recurring relationships with customers through any business model. Subscriptions were only just scratching the surface and now, the market recognizes the Subscription Economy for what it truly is-a relationship-centric economy. Companies have realized that the path to growth going forward is to establish direct, digital relationships with their customers, and to nurture and monetize these relationships through an ever growing set of digital services.


Alongside this evolution, Zuora has been there every step of the way. We started with Zuora Billing, and have expanded our award-winning multi-product portfolio to include Zuora Revenue, Zuora Payments and Zuora Central Platform. More recently, we’ve added subscription experience platform Zephr to our family, further expanding our capabilities to serve as an intelligent hub that monetizes the complete quote to cash and revenue recognition process at scale. We call this Monetization.

Redwood City, California, United States (Remote)

Bengaluru, Karnataka, India (Hybrid)

Bengaluru, Karnataka, India (On-Site)

Chennai, Tamil Nadu, India (On-Site)

Bengaluru, Karnataka, India (Remote)

Chennai, Tamil Nadu, India (Hybrid)

United States (Remote)

Redwood City, California, United States (On-Site)

Bengaluru, Karnataka, India (On-Site)

View All Jobs

Get notified when new jobs are added by Zuora

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug