Watch this video to learn more about Zillow
Job Details
About the team
The Application Security team at Zillow partners closely with engineering, platform, and product teams to embed security throughout the software development lifecycle. We play a critical role in strengthening cloud-native architectures and enabling the safe adoption of emerging technologies, such as AI, while supporting fast, reliable innovation across Zillow Group.About the role
As a Principal Security Engineer, you will be a senior technical leader responsible for identifying and reducing security risk across Zillow’s applications, cloud environments, and AI-enabled systems. You will drive change through influence, operate effectively in ambiguous spaces, and help shape how security is embedded into our evolving platform. Your work will have a direct impact on the safety and reliability of Zillow’s products and services.
As a Principal Security Engineer, You Will Get To:
Lead application security assessments, including scoping and managing penetration testing, threat modeling, and secure design reviews for high-impact systems.
Identify, validate, and prioritize complex security vulnerabilities across web applications, APIs, and cloud-native services.
Partner with software engineers to embed secure-by-default patterns into application architectures and development workflows.
Influence the security of primarily AWS-based systems, with exposure to GCP and Azure, focusing on identity, networking, data protection, and service integrations.
Drive AI security initiatives by establishing guardrails, patterns, and review practices, and assess AI-specific risks such as data exposure, misuse, and unintended behaviors in AI- and LLM-powered systems.
Develop and promote scalable application and AI security standards, guardrails, and best practices.
Mentor and coach security engineers, raising the technical bar and fostering a culture of security across the team.
Serve as a technical owner for application and AI security tooling, responsible for configuration, integration, and ongoing improvement in partnership with engineering and platform teams.
Who you are
Minimum of 7+ years of security engineering experience, including at least 5+ years focused on Application Security or penetration testing.
Demonstrated experience driving or owning AI security initiatives (2+ years), including assessing and mitigating risks in AI- or LLM-enabled systems.
Deep understanding of common vulnerability classes and secure software development practices.
Hands-on experience securing cloud-native applications, particularly in AWS environments, and designing secure solutions across modern application and cloud environments.
Ability to read, write, and review code in at least one modern programming language.
Proven experience designing and implementing secure system architectures, including hands-on threat modeling and security-driven design decisions.
Experience communicating security risks clearly to both technical and non-technical partners.
Demonstrated ability to mentor engineers and act as a technical leader without formal authority.
Here at Zillow, we value the experience and perspective of candidates with non-traditional backgrounds. We encourage you to apply if you have transferable skills or related experiences.
Get to know us
At Zillow, we’re reimagining how people move—through the real estate market and through their careers. As the most-visited real estate platform in the U.S., we help customers navigate buying, selling, financing and renting with greater ease and confidence. Whether you're working in tech, sales, operations, or design, you’ll be part of a company that's reshaping an industry and helping more people make home a reality.
Zillow is honored to be recognized among the best workplaces in the country. Zillow was named one of FORTUNE 100 Best Companies to Work For® in 2025, and included on the PEOPLE Companies That Care® 2025 list, reflecting our commitment to creating an innovative, inclusive, and engaging culture where employees are empowered to grow.
No matter where you sit in the organization, your work will help drive innovation, support our customers, and move the industry—and your career—forward, together.
Zillow Group is an equal opportunity employer committed to fostering an inclusive, innovative environment with the best employees. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. If you have a disability or special need that requires accommodation, please contact your recruiter directly.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable state and local law.
Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees, supervisors, and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees, supervisors, and staff to ensure exceptional customer service; and follow all federal, state, and local laws and Company policies. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness and professionalism, and safeguard business operations and the Company’s reputation. Pursuant to the Los Angeles County Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
The work we do helps people get home. At Zillow, we’re building what’s next - smarter tools, simpler experiences, and a housing journey designed... Read more