Job Title: Senior Security Engineer I
Reports to: Manager, Security Engineering
Job Location: Los Angeles, CA, USA
Job Status: Exempt, FT
About SHEIN
SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and products from global network of vendors, all at affordable prices. Headquartered in Singapore, SHEIN remains committed to making the beauty of fashion accessible to all, promoting its industry-leading, on demand production methodology, for a smarter, future-ready industry. Founded in 2012, SHEIN has more than 16,000 employees operating from offices around the world, and continues to expand operations globally. Join SHEIN and be the future!
Position Summary
SHEIN Global Security and Risk Management (GSRM) is a global security organization that oversees security infrastructure, risk management, data privacy, business fraud, governance, and regulatory compliance across SHEIN’s global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.
We are seeking a highly experienced and seasoned Senior Security Engineer (IAM) (Official Title: Senior Security Engineer I) for our Los Angeles-based corporate office with at least 3 years of experience in Cloud Identity and Access Management (IAM) and Cloud Security. Experience in Cloud Networking is preferred but not mandatory. The successful candidate will be responsible for designing, implementing, and maintaining security measures to protect our cloud infrastructure and services. This role requires a deep understanding of cloud platforms from at least one of the three major providers (Azure, AWS, or GCP), security best practices, and a proactive approach to identifying and mitigating risks.
We are looking for a motivated candidate, who thrives on challenges, adapts to change quickly, and stays ahead of the curve in the ever-evolving cybersecurity landscape.
You will work with like-minded, motivated engineers across many disciplines to design, secure, and make a difference in the company’s security architecture. You should have a deep technical understanding of how IDAM functions in the cloud with PKI, application, host and network security practices, as well as all incident response protocols and practices. Join our team and bring your unique blend of grit to persevere through challenges, a driven nature to achieve, and independent thinking skills for resolving problems.
Job Responsibilities
- Lead the strategy, design, implementation, and management of Identity and Access Management IAM solutions for cloud environments (e.g., AWS, Azure, Google Cloud).
- Manage and configure user roles, permissions, and access controls to ensure secure access to cloud resources.
- Develop, enforce, and conduct regular audits of IAM policies, procedures, and standards to ensure the secure and efficient management of identities and access controls in collaboration with compliance while automating controls to achieve efficiency.
- Develop and enforce security policies, procedures, and standards for cloud infrastructure.
- Collaborate with DevOps and development teams to integrate security into the CI/CD pipeline.
- Design and implement secure cloud networking architectures, including VPCs, subnets, firewalls, and VPNs.
- Ensure secure configuration and management of cloud network resources.
- Troubleshoot and resolve network security issues and incidents.
- Maintain up-to-date knowledge of emerging cloud networking technologies and trends.
- Collaborate with IT, security, and engineering teams to integrate Cloud IAM solutions with existing systems and applications.
- Conduct regular security assessments and audits of Cloud systems to identify and mitigate risks.
- Stay current with emerging security threats, vulnerabilities, technologies, trends, best practices, and recommend improvements to enhance SHEIN's security posture.
- Provide security guidance, expertise to cross-functional teams, technical leadership and mentorship to junior security engineers.
- Prepare and maintain security documentation, including architecture diagrams, configurations, and incident reports.
- Manage and resolve cloud-related security incidents, providing expert analysis and remediation strategies.
- Participate in security audits and compliance initiatives.
- Work closely with global teams, bridging cultural and geographical differences to ensure cohesive and effective collaboration.
- Oversee the lifecycle management of cloud assets, including provisioning, deprovisioning, and access reviews.
- Ensure compliance with relevant regulations, standards, and industry best practices in all cloud security initiatives.
- Advocate and enforce principles of least privilege and zero trust across global operations, ensuring identity verification, risk-based authentication, and layered defense mechanisms.
Job Requirements
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is preferred. A Master's degree is a plus.
- Minimum of 3+ years of hands-on experience in Cloud IAM, Cloud Security, and/or Cloud Networking is preferred.
- Expertise in PKI technologies in relation to Cloud infrastructure is highly preferred.
- Relevant certifications (e.g., CISSP, CCSP, AWS Certified Security Specialty, Azure Security Engineer) are highly preferred.
- Proficiency in scripting, automation, along with one of the following languages: Python, PowerShell, Golang, Java highly is preferred.
- Solid understanding of network security protocols, cryptography, SSL/TLS, and VPNs a plus.
- Experience with WAF, Akamai, Cloudflare, Suricata/Zeek, CDN and/or associated technologies a plus.
- Experience with security tools and technologies (e.g., SIEM, IDS/IPS, DLP, WAF).
- Strong understanding of Cloud security principles and experience with Cloud platforms such as AWS, Azure, or Google Cloud.
- Proven experience in leading Cloud projects and initiatives in large, complex organizations.
- In-depth knowledge of Cloud technologies, including authentication, authorization, SSO, MFA, and federated identity management.
- Familiarity with Cloud protocols and standards such as SAML, OAuth, OpenID Connect, and LDAP.
- Proficiency in scripting and automation tools to integrate and automate security processes and applications.
- Experienced working in a fast-paced, high-growth environment. Must be able to support on-call, escalation and fast tempo production environments.
- Experience partnering with governance and compliance parties on meeting regulatory requirements and assessing emerging threats and mitigations preferred.
- Excellent problem-solving skills and attention to detail.
- Strong communication skills and the ability to work effectively in a team-oriented environment.
Pay
$118,500.00 min. - $202,000.00 max annually. Bonus & RSU offered.
Benefits and Perks
- Healthcare (medical, dental, vision, prescription drugs)
- Health Savings Account with Employer Funding
- Flexible Spending Accounts (Healthcare and Dependent care)
- Company-Paid Basic Life/AD&D insurance
- Company-Paid Short-Term and Long-Term Disability
- Voluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident)
- Employee Assistance Program
- Business Travel Accident Insurance
- 401(k) Savings Plan with discretionary company match and access to a financial advisor
- Vacation, paid holidays, floating holiday and sick days
- Employee discounts
- Free weekly catered lunch
- Dog-friendly office (available at select locations)
- Free gym access (available at select locations)
- Free swag giveaways
- Annual Holiday Party
- Invitations to pop-ups and other company events
- Complimentary daily office snacks and beverages
SHEIN Technology LLC is an equal opportunity employer committed to a diverse workplace environment.