Senior Cloud Security Engineer (DevSecOps)

About the job
Job Title: Senior Security Engineer I
Reports to: Manager, Security Engineering
Job Location: Los Angeles, CA, USA
Job Status: Exempt, FT
About SHEIN
SHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion accessible to all. We use on-demand manufacturing technology to connect suppliers to our agile supply chain, reducing inventory waste and enabling us to deliver a variety of affordable products to customers around the world. From our global offices, we reach customers in more than 150 countries.
Founded in 2012, SHEIN has nearly 10,000 employees operating from offices around the world, with U.S. Headquarters located in Los Angeles and Global Headquarters located in Singapore. In SHEIN, we work with outstanding, creative, and capable peers. We share an energetic and open culture for capable people to discern, work and ignite as a team.
Position Summary
SHEIN Global Security and Risk Management (GSRM) is a global security organization that oversees security infrastructure, risk management, data privacy, business fraud, governance, and regulatory compliance across SHEIN's global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.
We are looking for Senior Cloud Security Engineer (DevSecOps) (Official Title: Senior Security Engineer I) for our Los Angeles, CA-based office, who will focus on the company's cloud security, including but not limited to Secrets & Keys Management, Cloud Security Posture Management (CSPM), Identity and Access Management (IAM), endpoint security, and cloud firewalls (e.g., WAF, NSG). You will champion our cloud security initiatives, evaluate industry standards, and architect recommended changes/solutions to meet industry standards.
You will work with like-minded motivated engineers across many disciplines to design, secure, and make a difference in the company's security architecture. Collaborating with the global security engineering and operations (SOC) teams on data ingestion, incident response, and vulnerability management. You will ensure that all production security controls and technologies are evaluated, monitored, and built to meet or exceed industry guidelines. Join our team and bring your unique blend of grit to persevere through challenges, a driven nature to achieve, and independent thinking skills for researching and resolving problems.
Job Responsibilities

• Develop and implement robust cloud security strategies that align with our business objectives and compliance requirements
• Implement the strategies via automation to maximize control efficacy and user experience
• Work directly with global business units to translate business needs into requirements and deliver a secure solution compliant to company standards
• Manage Cloud Security Posture Management (CSPM) to identify and mitigate risks, ensuring optimal configuration, compliance, and governance of our cloud environments
• Architect, configure, and automate secure cloud IAM policies to control access, authentication, and authorization mechanisms for cloud resources
• Design, deploy, and automate effective endpoint security measures to protect cloud-hosted services and applications from threats
• Implement cloud-native firewalls such as Web Application Firewalls (WAF) and Network Security Groups (NSG) to secure network traffic and prevent unauthorized access
• Conduct regular security assessments to identify vulnerabilities and enforce security policies while automating controls to achieve efficacy
• Collaborate with cross-functional teams to ensure cloud security requirements are integrated into the development lifecycle and operational processes
• Stay current with emerging security threats, technologies, and regulations affecting cloud platforms and services
• Provide expert guidance and lead response efforts for cloud security incidents
• Evaluate the current endpoint protection capabilities of the cloud infrastructure and fine-tune it to strengthen company's security posture
• Demonstrates continuous effort to improve system security while maintaining the best possible performance, streamline processes via automation and work cooperatively to provide quality customer experience

Job Requirements

• Bachelor's degree in Computer Science, Information Security, related technology field or equivalent experience. Advanced degrees and certifications in cloud security (e.g., CCSP, AWS Security Specialty) highly preferred
• 2+ years of hands-on experience in securing cloud workloads, specifically with one or more of the major cloud service providers (e.g., AWS, Azure, Google Cloud Platform)
• Proven impact in one or more of the following Security domains as it relates to Cloud Security: Secrets and Keys Management Security, Identity & Access Management IAM Security, Network Security, and Endpoint Security
• Proven expertise in CSPM, IAM, endpoint security, and cloud firewall implementations (WAF, NSG)
• Prior automation experience in the aforementioned security domains highly desired
• Proficiency with automation and scripting languages (e.g., Python, PowerShell, CLI) to streamline cloud security operations highly desired
• Strong understanding of network security protocols, cryptography, PKI, SSL/TLS, and VPNs
• Knowledge of compliance frameworks and standards such as GDPR, CCPA, PCI, CPA, NIST, and ISO/IEC 27001, & 27002, SOC 2, etc.
• Excellent interpersonal and communication skills, able to work collaboratively in a team environment and communicate security concepts to a non-technical audience
• Knowledge and experience with Palo Alto Prisma Cloud, Uptycs, and CrowdStrike SAAS preferred.
• Experience with WAF, Suricata/Zeek, CDN and/or associated technologies preferred
• Demonstrated knowledge and experience with troubleshooting open-source software and code review to ensure integrity and reliability preferred
• Be able to support on-call, escalation, high-paced/fast tempo production in a global environment
• Prior experience in e-commerce or technology industry preferred

Pay
$118,500.00 min - $202,000.00 max annually, Bonus & RSU offered.
Benefits and Culture
Healthcare (medical, dental, vision, prescription drugs)
Health Savings Account with Employer Funding
Flexible Spending Accounts (Healthcare and Dependent care)
Company-Paid Basic Life/AD&D insurance
Company-Paid Short-Term and Long-Term Disability
Voluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident)
Employee Assistance Program
Business Travel Accident Insurance
401(k) savings plan with discretionary company match and access to a financial advisor
Vacation, Paid holidays and sick days
Employee Discounts
Perks (HQ Location)
Free weekly catered lunch at HQ
Dog-Friendly office
Free Gym Access at HQ
Free Swag Giveaways
Annual Holiday Party
Invitations to pop-ups and other company events
Complimentary daily office snacks and beverages
Free Shuttle Service from HQ to LA Union Station
SHEIN Distribution is an equal opportunity employer committed to a diverse workplace environment.
Show more Show less
Top skills for this role
IT Integration
Web Application Firewalls
Cloud Security
Content Distribution Networks
DevSecOps
EDR
Automation
Crowdstrike Falcon
DevOps
Scripting
Strengthen your skills with these courses
Employer-provided
Pay range in Los Angeles, CA
Exact compensation may vary based on skills, experience and location
Base pay range
$118,500.00/yr - $202,000.00/yr