Security Engineer

About Zum:  

Zum is a rapidly expanding Series E startup backed by industry leaders Sequoia Capital, SoftBank, Spark Capital, and GIC, with a bold mission to transform the stagnant school transportation industry. Operating in over 15 states across the United States—with flagship hubs in San Francisco, Los Angeles, and Seattle—we are actively extending our reach to the East Coast and Midwest regions. As a technology-driven company, we deploy cutting-edge solutions to manage and operate school district transportation systems while also launching our own charter platform and developing proprietary SaaS offerings. Additionally, we are spearheading a nationwide initiative to electrify school transportation fleets, simultaneously supporting local utilities by feeding much-needed energy back into the grid. We have been recognized as CNBC 50 disruptor, Financial Times 500 fastest growing companies, Fast Company World Changing Ideas.

Who You Are:  

We are seeking a highly motivated Security Engineer to join our team and play a key role in strengthening our security posture as we scale. This role will be responsible for building and improving security processes, workflows, and automations and will play a key role in the implementation of our SOC1 & 2 compliance. You will collaborate cross-functionally with IT, Engineering, and Compliance teams to implement technical safeguards, drive incident investigations, and streamline security operations. This role reports in to the Head of IT & Security.

What You'll Do:

• Design and implement vulnerability management workflows across multiple platforms and systems

• Develop automations to optimize security workflows, threat detection, and data analysis

• Help build out and implement SOC2 compliance framework

• Help buildout and implement SOX required controls within financial tools

• Draft, implement, and maintain security policies, procedures, and monitoring workflows

• Support incident response efforts, including investigation, remediation, and root cause analysis

• Partner with the IT team on least privilege access and DLP controls

• Conduct penetration testing and simulate real-world attacks to proactively identify vulnerabilities

• Build out AI initiatives to support the Security & IT teams needs

• Continuously evaluate new tools and technologies to improve security operations and posture

What You Bring To Zūm:

• 3+ years of experience in security engineering, with specific focus on SOC2 and SOX environments

• Proven experience in conducting penetration testing and vulnerability assessments

• Strong knowledge of vulnerability management tools

• Hands-on experience with automation tools and scripting (e.g., Python, Bash, or PowerShell)

• Familiarity with compliance standards such as SOC 2, SOX, ISO 27001, and NIST

• Strong analytical and problem-solving skills with the ability to respond quickly to security incidents

• Excellent communication and documentation skills

• Experience with cloud environments like AWS

• Experience with SIEM tools and EDR solutions

The targeted base salary range for this role is listed in the compensation section below. Actual salary may be above or below this range based on factors such as location, skills, and relevant experience. In addition, this position may include additional compensation in the form of equity or commissions. If you are a full-time salaried or hourly worker, we offer the following benefits: Medical, Dental, Vision, 401(k), Holidays, Wellness, Vacation, and more. The targeted pay range for this role is: $140,000 to $177,000

Zum Services, Inc. and all its subsidiaries provide equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.