Senior AI Security Engineer II

• Deep experience across AI security, application security, cloud security or security engineering, with hands-on exposure to LLMs, RAG systems and AI APIs
• Shape how AI security is embedded across Zip’s next generation products, LLM applications and agentic workflows, helping protect millions of customers and merchants
• Hybrid working flexibility, with team connection days in our Sydney or Melbourne offices

Write your story with a career at Zip

Join Zip’s Technology function, responsible for building and maintaining seamless, secure and sustainable platforms that enable customers to shop with confidence and merchant partners to grow their brands.

As part of our Cyber Security team, you’ll play a key role in helping Zip adopt AI safely, responsibly and at scale. Working across AI-enabled products, internal tooling and emerging technologies, you’ll partner closely with Engineering, Product, Data, Privacy, Legal and Risk teams to embed security by design into how we build and deliver.

This is an opportunity to work at the forefront of AI security, tackling evolving threats and designing practical controls that protect customers, merchants and Zipsters alike. You’ll bring a pragmatic and forward-thinking approach to threat modelling, secure AI architecture and risk reduction, while helping shape the future of AI governance and security practices across the business.

What you’ll own

• Lead security reviews and threat modelling activities across AI-enabled products, LLM applications, RAG systems, agentic workflows and AI APIs
• Identify and assess AI-specific threats including prompt injection, model abuse, sensitive data disclosure, insecure output handling, excessive agency and model or data poisoning risks
• Design and implement secure AI patterns including least-privilege access controls, output validation, audit logging, monitoring, abuse detection and human approval workflows
• Partner with Engineering teams to embed AI security controls into SDLC, CI/CD, MLOps and LLMOps practices
• Contribute to AI governance frameworks, standards, policies and control mapping activities across the organisation
• Review third-party AI vendors, SaaS AI capabilities and model providers to support secure and compliant adoption of AI technologies
• Help develop AI security tooling, testing approaches and monitoring capabilities to proactively identify and reduce risk before production deployment
• Deliver practical guidance and awareness sessions that improve understanding of AI security risks, controls and secure design practices across technical and non-technical teams

What you'll bring to the team

Zipsters work on a broad range of initiatives, and our skills and experiences all look a little different. What really matters to us is that you’re a great fit with our four Values, and have a desire to learn and grow.

So whether you meet some or all of the desirable attributes below, we’d still love to hear from you:

• 5+ years experience across security engineering, application security, cloud security, product security, security architecture, penetration testing or red teaming
• Hands-on experience securing or reviewing AI/ML, LLM, RAG or agent-based systems
• Threat modelling capabilities with the ability to translate security risk into practical engineering outcomes
• Experience across web and API security, IAM, secrets management, secure SDLC, cloud security, logging, detection and incident response
• Programming experience with Python or another modern programming language
• Familiarity with LLM architectures, vector databases, embeddings, AI agents and modern AI data flows
• Exposure to frameworks such as OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, Google SAIF or ISO/IEC 42001 is highly regarded
• Expert communication and stakeholder engagement skills, with the ability to influence and collaborate across technical and business teams
• A mindset that embraces AI and new tools to adapt, learn and grow.
• An aptitude for identifying and managing risks. Whether you are a People Manager or an Individual Contributor, we are all leaders at Zip, therefore effective risk management is important to how we run our business and part of all our roles.
• Our values in your DNA: Customer First, Own It, Stronger Together and Change the Game

What you’ll get in return

As we write this next exciting chapter in our story, we will continue to move at pace and embrace change. For you, this might mean opportunities to learn new skills with hands-on experience, broader responsibilities, or the buzz of seeing your work impact customers faster.

Zip is a place where you’ll get out exactly what you put in. When you join the team, we'll do our best to make sure you can be yourself and surround yourself with smart, friendly colleagues and leaders who have your back, so that you can make the big things happen.

Zipsters tell us these are just some of the best things about working here. You’ll also receive:

• 25 days paid leave annually, including birthday leave and quarterly wellbeing days
• 16 weeks paid parental leave for primary carers, and 4 weeks for supporting carers
• Family support policies including miscarriage bereavement leave and domestic violence leave
• Mental health and wellness initiatives, including $299 annual wellbeing allowance, free access for you and family members to our EAP service Sonder, discounted private health insurance and great rates on fitness sessions through ClassPass
• 2 days paid volunteering leave per year
• Access to the Flare Benefits Hub and Novated Leasing for savings across lifestyle, essentials and wellbeing
• Fee-free Zip products, and discounts with Zip merchant partners
• Team social events, epic offices, free breakfast daily, and weekly free lunches

Be a part of a team that reflects the diversity of our customers

We pride ourselves on being a workplace that provides equal opportunities to people of all ages, cultural backgrounds, sexual orientations, gender identities, abilities, veteran status, and everything else that makes you unique.

Equally, we’re committed to ensuring our recruitment processes are accessible and inclusive. Please let us know If there are any adjustments that need to be made to ensure you have a fair and equitable experience.

And finally…get to know us

Zip Co Limited (ASX: ZIP) is a digital financial services company, offering innovative, people-centred products that bring customers and merchants together.

Operating in two core markets - Australia and New Zealand (ANZ) and the US, Zip offers point-of-sale credit and digital payment services, connecting millions of customers with its global network of tens of thousands of merchants.

We’re proud to be a values-led business and our values - Customer First, Own it, Stronger Together and Change the Game - guide us in everything we do.

#LI-Hybrid