Remote Sr. Cloud Security Engineer

Description:

• The Cybersecurity Engineer position is a hands-on role that involves evaluating and enforcing cybersecurity and compliance controls.
• This position plays an integral role in protecting iHerb from internal and external threats.
• The role requires close collaboration with technology teams to define and implement security best practices.
• Responsibilities include performing architecture and design reviews, threat modeling, conducting security assessments, and supporting the identification, interpretation, and remediation of threats and vulnerabilities across iHerb’s tech stack.
• The engineer will design and develop cloud security solutions in AWS and other technologies to drive automation for securing critical and sensitive data, services, applications, and infrastructure.
• Duties include designing, developing, coordinating, and documenting the secure operation of information systems and developing best practices for securing enterprise-wide data.
• The role involves developing and deploying automated security solutions using security toolchains in cloud environments to detect, prevent, and remediate security issues.
• Collaboration is required to develop “Security as code” that enables the technology and security engineering team to operate at high speed and scale.
• The engineer will develop procedures to automate security tasks that integrate seamlessly into code builds and deployments.
• Participation in architecture and design reviews with development/DevOps staff is necessary to incorporate effective security standards into design.
• The engineer must evaluate and respond to global information technology security threats related to cloud technologies and systems, recommending security changes in response to emergent threats.
• Hands-on support for a wide range of security technologies is required, including Pipeline security, DevSecOps, CloudFormation templates, Terraform, Docker, Kubernetes, SIEM, IPS, and Vulnerability Scanners.

Requirements:

• A Bachelor’s degree in a related field of study or equivalent work-related experience is required.
• Candidates must have 4+ years of experience in system, network, cloud security, and risk management.
• Hands-on experience with Python and Infrastructure as Code for cloud environments is necessary.
• Good experience with a wide range of AWS tools and AWS native Security Services is required, along with practical experience with AWS cloud.
• Experience implementing security practices in a CI/CD environment using tools such as Ansible, Harness, and Jenkins is essential.
• Candidates should possess excellent multitasking abilities and be open to constant learning.
• Strong problem-solving and analytical skills are required, along with outstanding oral and written communication skills.

Benefits:

• Employees and their families that meet eligibility criteria can participate in medical, dental, vision, and basic life insurance programs.
• Employees may enroll in the company’s 401(k) plan.
• Time Off and Paid Sick Leave are available according to the company’s policies.
• Paid holidays are provided throughout the calendar year.
• Hired applicants may be awarded Restricted Stock Units and receive annual bonuses based on eligibility and performance criteria.
• For more information on iHerb benefits, employees can visit iHerbBenefits.com.