WorkWayWorkWay
Get Started
Zuora logo
Zuora

Security Engineer

Costa RicaFull-TimeMid-levelSoftware Engineering

Skills

PythonShell scriptingAWSAzureKubernetesTerraformLinuxMachine learningSecurityOWASPEncryptionAgileProblem solvingMentoringDocumentationOwnership

You will be redirected to the company career page

Company Overview

  • At Zuora, we do Modern Business. We’re helping people subscribe to new ways of doing business that are better for people, companies and ultimately the planet. It’s an approach resulting from the shift to the Subscription Economy that puts customers first by building recurring relationships instead of one-time product sales and focuses on sustainable growth. Through our leading expertise and multi-product suite, we are transforming all industries and working with the world’s most innovative companies to monetize new business models, nurture subscriber relationships and optimize their digital experiences.

Experience & background

  • Typically 8+ years of progressive experience in infrastructure security, security operations, or security engineering.
  • 3–5+ years of hands-on experience with AWS and/or Azure security, including Infrastructure-as-Code (IaC) tooling (e.g., Terraform, CloudFormation).
  • Experience with containerized workloads and orchestrators such as EKS, ECS, or Kubernetes.
  • Proven experience in security incident handling, root cause analysis, and operational incident management in a 24/7 environment.
  • Experience running or contributing to an infrastructure vulnerability management program (discovery, prioritization, remediation, reporting).
  • Practical experience using automation and/or AI to improve security operations (e.g., SOAR playbooks, code-driven guardrails, detection-as-code).

Technical skills

  • Strong understanding of security fundamentals, including operating system internals, networking, cryptographic protocols, and attack surface reduction.
  • Proficiency in at least one scripting language (e.g., Python, PowerShell, Bash, or similar) for automation and tooling.
  • Hands-on experience with modern security platforms, such as:
  • SIEM, SOAR, CSPM, DSPM, CDR, CWPP, EDR/XDR
  • Solid knowledge of cloud-native security services:
  • Examples: IAM, encryption and key management, AWS GuardDuty, WAF, Security Hub, Config, etc.
  • Familiarity with web application security (e.g., OWASP Top 10) and common mitigation patterns.
  • Comfortable with Linux systems administration and troubleshooting in production environments.
  • SIEM, SOAR, CSPM, DSPM, CDR, CWPP, EDR/XDR
  • Examples: IAM, encryption and key management, AWS GuardDuty, WAF, Security Hub, Config, etc.

Soft skills & ways of working

  • Strong problem-solving and analytical skills; able to prioritize impact over noise.
  • Excellent written and verbal communication, including clear documentation and stakeholder updates.
  • Ability to collaborate effectively with distributed, cross-functional teams (engineering, SRE, operations, customer support).
  • Proven ability to lead through influence, mentor others, and help build a high-performance, learning-oriented security culture.
  • High attention to detail, with the ability to stay calm and organized under pressure.

Nice to have (not required)

  • Security certifications such as AWS Certified Security – Specialty, Azure Security Engineer Associate, or similar industry credentials.
  • Experience in Agile environments and applying Agile practices to security engineering and operations.
  • Prior experience in SaaS or other multi-tenant, highly available cloud services.
  • If you don’t meet every single requirement but are excited about the role and believe you can make an impact, we encourage you to apply.

Within this organization, the Infrastructure Security team focuses on securing Zuora’s foundational systems, services, and environments. The team

  • Designs and implements cloud-native security controls and guardrails that enable teams to move fast, safely.
  • Partners closely with infrastructure, SRE, platform engineering, and application teams to embed security into architecture, development, and operations.
  • Builds scalable automation and leverages AI/ML to reduce manual toil, improve detection quality, and shorten time-to-remediation.
  • Continuously monitors for emerging threats and collaborates with incident response and threat intelligence functions.

You’ll join a team that values curiosity, ownership, and collaboration, and that is constantly iterating on how we detect, prevent, and respond to threats in a rapidly evolving landscape.

  • In this role, you will:
  • Design and implement automated, AI-assisted security controls to harden our AWS and Azure infrastructure, reduce risk, and improve operational efficiency.
  • Serve as a technical leader for infrastructure security: shaping standards, patterns, and best practices across cloud accounts, Kubernetes clusters, and core services.
  • Partner with engineering, SRE, and operations teams to understand architectures and build practical, scalable security solutions that enable—not block—delivery.
  • Lead or contribute to threat modeling, architecture reviews, and design consultations for new or evolving systems.
  • Operate and tune security tooling (CSPM, CWPP, SOAR, EDR/XDR, IaC security, Kubernetes security, etc.), ensuring high signal-to-noise and actionable insights.
  • Drive continuous vulnerability management across infrastructure:
  • Own or support discovery, risk-based prioritization, remediation plans, and executive reporting.
  • Help shape and execute our detection and response strategy:
  • Develop and improve detections, triage playbooks, and automated response workflows.
  • Participate in and help lead incident response activities when needed.
  • Contribute to a global on-call rotation, ensuring high-quality coverage and timely response as part of our follow-the-sun operations model.
  • Create and maintain clear documentation, standards, and runbooks that help scale best practices across Zuora.
  • Mentor other engineers and contribute to a culture of continuous learning and improvement.
  • Own or support discovery, risk-based prioritization, remediation plans, and executive reporting.
  • Develop and improve detections, triage playbooks, and automated response workflows.
  • Participate in and help lead incident response activities when needed.

#ZEOLife at Zuora

  • At Zuora, we’re constantly learning, innovating, and growing. Our people—known as ZEOs—are empowered to take ownership, challenge the status quo, and make a lasting impact.
  • We collaborate deeply, think boldly, and support one another to make what’s next possible—for our customers, our communities, and each other.
  • We offer:
  • Competitive compensation, bonus opportunities, and retirement programs
  • Comprehensive medical, dental, and vision coverage
  • Generous, flexible time off
  • Paid holidays, wellness days, and a company-wide year-end break
  • Paid parental leave
  • Learning & development stipend
  • Opportunities to give back, including volunteer time and donation matching
  • Mental wellbeing resources and support
  • (Benefits may vary by location; details will be shared during the interview process.)
  • Location & Work Arrangements
  • Zuora teams are empowered to design flexible, intentional ways of working. Whether remote, hybrid, or in-office, we balance flexibility with accountability—to each other, our customers, and our mission.
  • For most roles, you’ll have the freedom to work where you’re most productive while staying connected to your team and the broader ZEO community.
  • Our Commitment to an Inclusive Workplace
  • Think, be and do you! At Zuora, different perspectives, experiences and contributions matter. Everyone counts. Zuora is proud to be an Equal Opportunity Employer committed to creating an inclusive environment for all.
  • Zuora does not discriminate on the basis of, and considers individuals seeking employment with Zuora without regards to, race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.
  • We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance@zuora.com

Job Summary

CompanyZuora
LocationCosta Rica
TypeFull-Time
LevelMid-level
DomainSoftware Engineering

Similar roles you might like

SpaceX logo
SpaceX

Environmental Engineer

Bastrop, TXFull-Time
Software Engineering
SpaceX logo
SpaceX

Mechanical Engineer, Aviation Integration (Starlink)

Woodinville, WAFull-Time
Software Engineering
Ownership
SpaceX logo
SpaceX

Process Engineer, Spacecraft Corrosion & Cleanliness (Starship)

Starbase, TXFull-Time
Software Engineering
Ownership

More roles at Zuora

Zuora logo
Zuora

HRIS Analyst - Workday

Chennai, Tamil Nadu, IndiaFull-Time
Analyst
SecurityAgileProblem solvingDocumentationOwnership
Zuora logo
Zuora

Site Reliability Engineer II

Chennai, Tamil Nadu, IndiaFull-Time
DevOps
PythonShell scriptingAWSKubernetesDockerTerraformAnsibleCI/CD+10
Zuora logo
Zuora

FP&A Analyst II

Foster City, California, United StatesFull-Time
Analyst
Problem solvingOwnership
Security Engineer at Zuora (Costa Rica) | WorkWay