It has come to our attention that there may be people posing as members of Zuora’s recruiting and human resources team online. These persons have been offering fraudulent employment opportunities to applicants and often asking for sensitive personal and financial information.

Security Process Lead

Redwood City, CA, United States

Over the past 15 years, we have seen a shift in the focus of business models across every industry – from selling physical products via one-time transactions to monetizing services via ongoing customer (aka subscriber) relationships. This is the “Subscription Economy,” a phrase coined by our CEO, Tien Tzuo, who even wrote the book on it: Subscribed.

Companies have realized that the path to growth going forward is to establish direct, digital relationships with their customers, and monetize these relationships through an ever growing set of digital services.

Our vision is simple: we call it “The World Subscribed.” It’s the idea that one day every company will join the Subscription Economy — a $1.5 Trillion opportunity by 2025 according to UBS.

Our mission: to power the world’s best companies to win in the Subscription Economy.


Our Information Technology (IT) team is Zuora's internal engineering organization, responsible for creating technology experiences that connect our teams, drive business alignment and build a stronger, more collaborative work “place.” With a cloud-first approach, we empower our global ZEOs with increased productivity and self-service to enable company growth, scale and flexibility while hardening our security and compliance posture.


A Security Process Lead at Zuora works closely with IT, Product Security, Compliance and engineering teams to identify risk areas and establish baseline control alignment for continued organizational growth and maturity. You will plan internal audits from start to finish, perform gap assessments and advise on gap closure, collect and review evidence, and present evidence to managers of IT systems. In addition, you will serve as an advisor to IT teams, create security processes to support securing IT systems, and draft policies for best practices that the IT organization will consume. You will own key systems that help support the function and execute projects to continually enhance the operational capabilities of the systems managed by you. You’ll find work at Zuora to be uniquely rewarding because of our company culture and your great co-workers.

OUR TECH STACK: AWS, Azure, GCP, Active Directory, Okta, RSA, OneLogin


  • Implement systems and processes to support governance and risk management programs 
  • Support the company’s corporate compliance initiatives, including SOX ITGC, SOC 1, SOC 2, ISO 27001 and PCI
  • Lead IT SOX compliance activities
  • Create, maintain and review information security policies and standards aligned with industry standards, addressing compliance and legal obligations
  • Engage and manage internal/external auditors supporting IT security and compliance assessments
  • Create an end-to-end vendor security program, including architecture reviews, periodic compliance reviews, onboarding and offboarding processes as part of IT ARC and Procurement review
  • Manage annual and semi-annual reviews of Zuora’s IT Policies and Procedures
  • Own and manage audit assurance platform for audit evidence collection
  • Measure and report on control effectiveness in compliance with the enterprise security program
  • Drive alignment with key partners to sync and scale Zuora Enterprise Security
  • Partner with key stakeholders to drive compliance security process efforts for daily, monthly and annual review with adherence to security policies
  • Drive initiatives to reduce end user security risk through processes and tooling
  • Deliver a comprehensive security awareness program, including annual training, newsletters, and interactive activities


  • 8+ years of experience in a similar role
  • Have a strong understanding of the organizational landscape and compliance requirements and processes
  • Effective communication skills enabling the ability to communicate complex information to various audiences both verbally and in writing (English)
  • In-depth knowledge of cloud technologies
  • In-depth knowledge and experience leading audits for certification standards such as SOC-2, HIPAA, PCI-DSS, CSA STAR, ISO 27001, NIST 800 etc.
  • In-depth knowledge of security frameworks such as CIS, NIST, OWASP etc.
  • In-depth knowledge of information security principles and practices
  • Passionate about security, privacy, and compliance
  • Be an evangelist who drives security processes and maintains, audits and reviews against control areas
  • Industry certifications are a plus: CISSP, CISM, CISA, CRISC, GCAP etc.
  • Bachelor's degree in computer science, mathematics, related field or equivalent years of relevant experience


  • Competitive compensation, company equity, and retirement programs
  • Medical, dental and vision insurance
  • Paid holidays, “wellness” days and a company-wide winter break
  • Generous, flexible time off 
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing

*Specific benefits offerings may vary by country

About Zuora 

As the Subscription Economy leader, Zuora empowers today’s innovative companies to nurture and monetize direct, digital relationships. Our award-winning multi-product portfolio now includes Zuora Revenue, Zuora Collect and Zuora Central Platform. More recently, we’ve added subscription experience platform Zephr to our family, further expanding our capabilities to serve as an intelligent hub that monetizes the complete quote to cash and revenue recognition process at scale.

Through our combination of technology and expertise, Zuora (NYSE: ZUO) helps more than 1,000 companies around the world, including BMC Software, Box, Caterpillar, General Motors, Penske Media Corporation, Schneider Electric, Siemens and Zoom nurture and monetize direct, digital customer relationships. Headquartered in Silicon Valley, Zuora operates offices around the world in the U.S., EMEA, APAC and LATAM.

“ZEO” Culture

At Zuora, we’re building an inclusive, high-performance culture that every ZEO wants to subscribe to. We want ZEOs at every level to feel valued, included, and inspired to innovate, connect and collaborate authentically as we pioneer the Subscription Economy. You’ll be empowered to think like an owner, take initiative and, together with the support of your team, push each other to the next level and help transform business models everywhere.

To learn more visit

Zuora is proud to be an Equal Employment Opportunity Employer.

Think, be and do you! At Zuora, different perspectives, experiences and contributions matter. Everyone counts. Zuora is proud to be an Equal Opportunity Employer committed to creating an inclusive environment for all.

Zuora does not discriminate on the basis of, and considers individuals seeking employment with Zuora without regard to, race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.

We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to

Let’s do this.

You’re unique and we’re on a journey – so let’s embark on a unique journey together. We encourage you to apply to all roles that utilize your skills and ignite the passion within you.

No matter where you’re located, or which team you work on, you’ll be part of a group of people working together to build a better world: The World Subscribed.

Go ahead and apply!


