Cloud Security Engineer



Other Engineering
Costa Rica · Remote
Posted on Friday, March 24, 2023

Over the past 15 years, we have seen a shift in the focus of business models across every industry – from selling physical products via one-time transactions to monetizing services via ongoing customer (aka subscriber) relationships. This is the “Subscription Economy” a phrase coined by our CEO, Tien Tzuo, he even wrote the book on it: Subscribed.

Companies have realized that the path to growth going forward is to establish direct, digital relationships with their customers, and monetize these relationships through an ever growing set of digital services.

Our vision is simple: we call it “The World Subscribed.” It’s the idea that one day every company will join the Subscription Economy -- a $1.5 Trillion opportunity by 2025 according to UBS.

Our mission: to power the world’s best companies to win in the Subscription Economy.


Zuora’s Security teams are responsible for Application & Product Security across our ecosystem. This includes defending Cloud and Data Center infrastructure, managing internal and external security services, and more - all with the mission of securing Zuora’s customer-facing SaaS products and platforms. Our technologists sit across US, Beijing, and India using a follow-the-sun model to provide 24x7x365 coverage for critical functions. We partner closely with our Engineering, Customer Support, TechOps, IT, Global Services and Sales teams on a daily basis to keep our customers front and center.


  • Monitor, Detect and Respond to alerts generated by security controls as part of 24x7 delivery team
  • Incident Response, Containment and Remediation handling
  • Analyze, document and report on potential security incidents and perform Threat Hunting for business critical environments
  • Drive, improve and automate all aspects of SOC using custom scripting, and other SOAR platform
  • Write infrastructure as code using CloudFormation or similar. You should see different technologies as a means to an end and be well practiced at hunting for a solution through unfamiliar domains


We are looking for a Cloud Security Operations Engineer with a passion for detecting cyber security threats, remediate them and prevent occurance of them in the future. Automate the manual processes to increase the response time and thus solve security challenges. You will have a chance to apply your skills and passion to improve the security of our product on a daily basis, and make a visible impact by driving metrics, process, and automation for threat monitoring.

OUR TECH STACK: Java, Spring, Ruby, Rest APIs, Microservices, Kafka, Spark, NodeJS, AWS, Kubernetes, Terraform, AngularJS, CI/CD tools (e.g. Jenkins, Ansible, Puppet, Terraform, python, go.), SIEM like SumoLogic, Splunk, ELK, SOAR like komand, demisto


  • Detect, respond and remediate threats targeting Zuora’s products and infrastructure
  • Build workflows using SOAR to automate various playbooks and processes.
  • Plan, scope and coordinate various adversarial testing (e.g. external penetration testing).
  • Perform internal penetration tests and participate in internal red team exercises.
  • Drive the evaluation, integration and testing of new security tools and technologies
  • Collaborate with other teams in vulnerability management programs.
  • Write infrastructure as code using CloudFormation or similar.


  • 2-5 years of security experience, specifically on SOC.
  • 5+ years of technology experience.
  • Strong understanding of Network Security, System Security, Web application security, End-point Security including hands-on exploitation skills coupled with defensive skills.
  • Familiarity with infrastructure and systems security domains and automation.
  • Ability to explain complex security issues and their impact to diverse audiences.
  • Be a fast learner and have experience partnering with cross-functional teams.
  • BA/BS in Computer Science or similar technical degree or equivalent experience


  • Modest competency in common scripting and automation languages (Python, Ruby, Golang, etc.)
  • Windows, Linux and Unix based systems
  • Cloud based technologies (e.g. AWS, Azure, GCP)
  • Endpoint Security tools (e.g. Crowdstrike, Carbon black)
  • SIEM (e.g. Sumo Logic, Splunk, Alien Vault) and SOAR (e.g. Phantom, Demisto, Komand)


  • Competitive compensation, company equity, and retirement programs
  • Medical, dental and vision insurance
  • Paid holidays and “wellness” days and company wide winter break
  • Generous, flexible time off
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing

*Specific benefits offerings may vary by country

About Zuora

As the Subscription Economy leader, Zuora empowers today’s innovative companies to nurture and monetize direct, digital relationships. Our award-winning multi-product portfolio now includes Zuora Revenue, Zuora Collect and Zuora Central Platform. More recently, we’ve added subscription experience platform Zephr to our family, further expanding our capabilities to serve as an intelligent hub that monetizes the complete quote to cash and revenue recognition process at scale.

Through our combination of technology and expertise, Zuora (NYSE: ZUO) helps more than 1,000 companies around the world, including BMC Software, Box, Caterpillar, General Motors, Penske Media Corporation, Schneider Electric, Siemens and Zoom nurture and monetize direct, digital customer relationships. Headquartered in Silicon Valley, Zuora operates offices around the world in the U.S., EMEA, APAC and LATAM.

“ZEO” Culture

At Zuora, we’re building an inclusive, high-performance culture that every ZEO wants to subscribe to. We want ZEOs at every level to feel valued, included, and inspired to innovate, connect and collaborate authentically as we pioneer the Subscription Economy. You’ll be empowered to think like an owner, take initiative and together, with the support of your team you’ll push each other to the next level and help transform business models everywhere.

To learn more visit

Zuora is proud to be an Equal Employment Opportunity Employer.

Think, be and do you! At Zuora, different perspectives, experiences and contributions matter. Everyone counts. Zuora is proud to be an Equal Opportunity Employer committed to creating an inclusive environment for all.

Zuora does not discriminate on the basis of, and considers individuals seeking employment with Zuora without regards to, race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.

We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to