Identity & Access Management Security Engineer

About the job
Job Title: Security Engineer I
Reports to: Manager, Security Engineering
Job Location: Los Angeles, CA, USA
Job Status: Exempt, FT
About SHEIN
SHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion accessible to all. We use on-demand manufacturing technology to connect suppliers to our agile supply chain, reducing inventory waste and enabling us to deliver a variety of affordable products to customers around the world. From our global offices, we reach customers in more than 150 countries.
Founded in 2012, SHEIN has nearly 10,000 employees operating from offices around the world, with U.S. Headquarters located in Los Angeles and Global Headquarters located in Singapore. In SHEIN, we work with outstanding, creative, and capable peers. We share an energetic and open culture for capable people to discern, work and ignite as a team.
Position Summary
SHEIN Global Security and Risk Management (GSRM) is a global security organization that oversees security infrastructure, risk management, data privacy, business fraud, governance, and regulatory compliance across SHEIN's global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.
We are looking for We are looking for an Identity & Access Management Security Engineer (Official Title: Security Engineer I) for our Los Angeles, CA-based office, who thrives in dynamic environments where your IDAM expertise can directly impact an industry leader's security posture. You will have a high impact role in designing, implementing, and maintaining IDAM solutions that secure our digital assets and ensure seamless access for our users. We are looking for a motivated candidates who thrives on challenges, adapts to change quickly, and stays ahead of the curve in the ever-evolving cybersecurity landscape.
You will work with like-minded motivated engineers across many disciplines to design, secure, and make a difference in the company's security architecture. You should have a deep technical understanding of how IDAM functions in cloud, application, host and network security practices, as well as all incident response protocols and practices. Join our team and bring your unique blend of grit to persevere through challenges, a driven nature to achieve, and independent thinking skills for resolving problems.
Job Responsibilities

• Design, evaluate, and implement IAM solutions to scale automated repeatable access management controls inclusive of onboarding, provisioning, offboarding, and deprovisioning of company's user and admin type accounts.
• Evaluate existing cloud and on-premise technologies for efficacy specific to user visibility and protection of credentials and access.
• Troubleshoot end-to-end user connectivity to cloud-based and on-premise infrastructure systems and services.
• Participate in creating and updating new strategy, project plans and policy documents based on security and data protection requests that map to SHEIN's business requirements.
• Work directly with business units to facilitate change requests, incident response protocols, data analysis, solution requirements and technology roadmaps to ensure compliance with industry and regulatory standards.
• Demonstrates continuous effort to improve system security while maintaining the best possible performance, automate business processes and work cooperatively and provide quality seamless customer service.
• Architect, configure, and automate secure IAM policies to control access, authentication, and authorization mechanisms for cloud and on-premise resources.
• Conduct regular security assessments to identify vulnerabilities and enforce IDAM security policies while automating controls to achieve efficacy
• Stay current with emerging security threats, technologies, and regulations to proactively enhance our IDAM security posture.
• Lead the design, deployment, and continuous improvement of IDAM systems and processes.
• Collaborate cross-functionally with IT, security, and business teams to ensure seamless integration and alignment of IDAM initiatives, optimize IDAM operations, and proactively identify and mitigate vulnerabilities in IDAM systems.
• Lead the stewardship of our IDAM strategies, bridging the business needs with strict governance and compliance, shaping not just systems, but organizational culture.
• Advocate and enforce principles of least privilege across global operations, ensuring identity verification, risk-based authentication, and layered defense mechanisms.

Job Requirements

• Bachelor's Degree in Computer Science, Information Security, related technology field, or equivalent experience is preferred. Advanced degrees and certifications in IAM security (e.g., CIAM, CIST, CISSP-IAM) is highly preferred.
• 1+ years of experience in an IDAM security role with a proven track record of success.
• Proven impact in one or more of the following Security domains as it relates to IDAM: Cloud Security, Secrets and Keys Management Security, Network Security, and Endpoint Security is preferred.
• Proficiency around administrator account management, provisioning, general and alert reporting and comprehensive measurement.
• Proficiency with IAM tools similar to CyberArk, AWS/GCP/Azure/AD/Okta (Identity & Access Management) and extensive knowledge of protocols like SAML, OAuth, and OpenID Connect.
• Proficiency in scripting and automation tools to integrate and automate security processes and applications.
• Experienced working in a fast-paced, high-growth environment. Must be able to support on-call, escalation and fast tempo production environments.
• Experience with cloud and premise networks and experience in e-commerce or technology industry is preferred.
• Knowledge of compliance frameworks and standards such as GDPR, CCPA, PCI, CPA, NIST, and ISO/IEC 27001, & 27002, SOC 2, etc. preferred.
• Experience building and running from ground up segmented, secure and platform managed security systems/applications.
• Experience partnering with governance and compliance parties on meeting regulatory requirements and assessing emerging threats and mitigations preferred.
• Strong working and practical knowledge of security monitoring, threat hunting, log management, SIEM and data analytics.
• Previous experience designing and fully implementing IDAM solutions inclusive of governance
• Demonstrated knowledge and experience with troubleshooting open-source software and code review to ensure integrity and reliability is preferred.
• Prior experience in e-commerce or technology industry is preferred.

Pay
$101,400.00 min - $166,800.00 max annually, Bonus & RSU offered.
Benefits and Culture
Healthcare (medical, dental, vision, prescription drugs)
Health Savings Account with Employer Funding
Flexible Spending Accounts (Healthcare and Dependent care)
Company-Paid Basic Life/AD&D insurance
Company-Paid Short-Term and Long-Term Disability
Voluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident)
Employee Assistance Program
Business Travel Accident Insurance
401(k) savings plan with discretionary company match and access to a financial advisor
Vacation, Paid holidays and sick days
Employee Discounts
Perks (HQ Location)
Free weekly catered lunch at HQ
Dog-Friendly office
Free Gym Access at HQ
Free Swag Giveaways
Annual Holiday Party
Invitations to pop-ups and other company events
Complimentary daily office snacks and beverages
Free Shuttle Service from HQ to LA Union Station
SHEIN Distribution is an equal opportunity employer committed to a diverse workplace environment.
Show more Show less
Top skills for this role
AWS Identity and Access Management (AWS IAM)
Security Engineering
Microsoft Intune
Microsoft Azure
Identity and Access Management (IAM)
Amazon Web Services (AWS)
Cloud Security
NIST
Security Information and Event Management (SIEM)
Incident Response
Strengthen your skills with these courses
Employer-provided
Pay range in Los Angeles, CA
Exact compensation may vary based on skills, experience and location
Base pay range
$101,400.00/yr - $166,800.00/yr