Senior InfoSec Engineer - CloudSec Focus

3 days ago

Apply Now

Receive Emails with Similar Jobs

iHerb, LLC

WebsiteLinkedInAll Job Openings

Vitamins • Sports Nutrition • Natural Supplements and Remedies • Natural Foods • Environment Friendly Goods

1001 - 5000

Description

• The Cybersecurity Engineer position is a hands-on role that involves evaluating and enforcing cybersecurity and compliance controls. • This position plays an integral role in protecting iHerb’s from internal and external threats and works closely with our technology teams to define and implement the security best practices, perform architecture and design reviews, threat modeling, conduct security assessments, and support the identification, interpretation, and remediation of threat and vulnerabilities across iHerb’s tech stack. • Design, and develop, cloud security solutions in AWS and other technologies to drive automation to secure critical and sensitive data, services, applications, and infrastructure across our fast-growing organization. • Design, develop, coordinate, and document the secure operation of information systems and develop best practices for securing enterprise-wide data and information systems. • Develop and deploy automated security solutions by leveraging security toolchains in the cloud environments to detect, prevent and remediate security issues. • Collaborate and develop “Security as code” that enables the technology and security engineering team to operate at high speed and widescale. • Develop procedures to automate security tasks that seamlessly integrate into code builds and deployments. • Participate in architecture and design reviews with development/DevOps staff to incorporate effective security standards into design. • Evaluate and respond to global information technology security threats in relation to cloud technologies, systems and recommend security changes in response to emergent threats. • Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: Pipeline security, DevSecOps, CloudFormation templates, Terraform, Docker, Kubernetes, SIEM, IPS, and Vulnerability Scanners.

Requirements

• Bachelor’s degree in related field of study or equivalent work-related experience • 4+ years of experience in system, network, cloud security, and risk management. • Hand-on experience with Python and Infrastructure as Code for cloud environments. • Good experience with a wide range of AWS tools, AWS native Security Services, and practical experience with AWS cloud. • Experience implementing security practices in CI/CD environment – Ansible, Harness, Jenkins, etc. • Excellent at multitasking, and open to constant learning • Excellent problem solving and analytical skills; outstanding oral and written communication skills

Benefits

• Employees (and their families) that meet eligibility criteria as outlined in applicable plan documents are eligible to participate in our medical, dental, vision, and basic life insurance programs and may enroll in our company’s 401(k) plan. • Employees will also be eligible for Time Off and Paid Sick Leave pursuant to the company’s policies. • Employees will enjoy paid holidays throughout the calendar year. • Hired applicant may be awarded Restrict Stock Units and receive annual bonuses pursuant to eligibility and performance criteria defined in the respective plan documents and policies.