Staff Security Engineer

Yesterday

Apply Now

Receive Emails with Similar Jobs

ShipBob, Inc.

WebsiteLinkedInAll Job Openings

eCommerce • Logistics • SaaS

ShipBob, Inc. is a comprehensive 3PL (third-party logistics) service provider specializing in e-commerce order fulfillment. They offer a full stack fulfillment platform with OMS, IMS, RMS, ERP, and analytics to automate and streamline fulfillment processes. With a focus on omnichannel and B2B capabilities, ShipBob assists businesses in selling across online and in-person channels while offering services like inventory management, customization for unique unboxing experiences, and end-to-end managed freight. Their global network enables efficient 2-day shipping across the continental US and facilitates global expansion with fulfillment centers in multiple countries. Additionally, ShipBob integrates with popular eCommerce platforms like Shopify and Amazon, supporting a wide range of industries including health, beauty, and apparel. Their technology-driven approach enhances supply chain automation, providing reliable and transparent logistics solutions worldwide.

501 - 1000 employees

Founded 2014

🛍️ eCommerce

☁️ SaaS

💰 $200M Series E on 2021-06

📋 Description

• Design and implement access control solutions for cloud-based applications and infrastructure using tools such as Azure AD, M365, Google Workspace, Salesforce, etc. • Monitor and audit access control activities and events for anomalies. • Develop and enforce access control policies and standards based on the principle of least privilege and role-based access control. • Develop and automate security workflows, playbooks, and tools to improve efficiency and effectiveness of security operations. • Develop relevant policies, procedures, and guidelines for access control and ensure compliance with, and support audits for, various standards, including but not limited to ISO270001 and SOC2. • Design and configure Azure Active Directory (AAD) for effective access management to be used within Azure and leveraged in other applications such as Retool and SSMS. • Research and evaluate emerging threats and security technologies and provide recommendations for enhancing our security posture. • Collaborate with other security team members and stakeholders across the organization to share knowledge and best practices. • Work closely with all teams to continuously provide technology requirements and use cases for enabling technologies including but not limited to SIEM, SOAR, Case Management, GRC, EDR, Intrusion Detection Systems, Web Proxy/Content Filtering, Active Directory, and PKI. • Proactively search for, identify, and analyze new and existing techniques to detect advanced and targeted threats. • Participate in risk assessments and implement controls to mitigate identified risks. • Additional duties and responsibilities as necessary.

🎯 Requirements

• 6+ years of hands-on work experience with security architecture and engineering in a cyber security operations program. • 4+ years of experience in an access control security engineering or related role. • Sound knowledge and experience with access control frameworks and tools, such as IAM, RBAC, ABAC, OAuth, SAML, etc. • In-depth knowledge of Azure services, especially Azure Active Directory, Azure AD Identity Protection, and Azure RBAC. • Demonstrated experience in designing and implementing access controls in cloud environments, particularly with Azure. • Track record of integrating security practices into the software development process. • Track record of integrating security practices into database systems such as SSMS. • Excellent knowledge of cloud security, network security, endpoint security, and threat intelligence. • Proficiency in scripting languages such as Python, PowerShell, Go, or Bash. • Established experience securing cloud-based infrastructures; Azure, M365, Google Workspace, Salesforce, etc. • Excellent fundamental knowledge of industry standard frameworks such as MITRE ATT&CK. • Desire to solve response challenges with automation. • Demonstrated ability designing and deploying security controls across all security domains such as access management, data protection, vulnerability management, incident response and management, application security, network security, preventive, detective, and offensive security solutions. • Solid design and solution implementation skills for a Zero Trust Architecture. • Outstanding interpersonal and communication skills with the ability to influence both internally and externally, and to deliver multi-functional alignment and action.

🏖️ Benefits

• Medical, Term & Accidental Insurance • All Purpose Leave (casual & sick time): 12 days • Earned Leave: 15 days • Public Holiday: 12 days • Generous Maternity & Paternity Leave • Quarterly Wellness Day • Work From Home Allowance