Posted at: 15 November

Sr. ProdSec Engineer

Company

iHerb

iHerb is a retail company specializing in vitamins, supplements, and health products, aiming to make health and wellness accessible to all.

Remote Hiring Policy:

iHerb has a flexible remote work policy. The company hires remotely from various regions.

Job Type

Full-time

Allowed Applicant Locations

United States

Salary

$162,000 to $221,000 per year


Job Description

Job Summary:

The Cybersecurity Engineer position is a hands-on role that involves evaluating and enforcing cybersecurity and compliance controls. This position plays an integral role in protecting iHerb from internal and external threats and works closely with our technology teams to define and implement security best practices, perform architecture and design reviews and threat modeling, conduct security assessments, and support the identification, interpretation, and remediation of threats and vulnerabilities across iHerb’s tech stack.

Job Expectations:

  • Design and develop cloud security solutions in AWS and other technologies to drive automation to secure critical and sensitive data, services, applications, and infrastructure across our fast-growing organization.

  • Design, develop, coordinate, and document the secure operation of information systems and develop best practices for securing enterprise-wide data and information systems

  • Develop and deploy automated security solutions by leveraging security toolchains in the cloud environments to detect, prevent and remediate security issues.

  • Collaborate and develop “Security as code” that enables the technology and security engineering team to operate at high speed and wide scale

  • Develop procedures to automate security tasks that seamlessly integrate into code builds and deployments

  • Participate in architecture and design reviews with development/DevOps staff to incorporate effective security standards into design

  • Evaluate and respond to global information technology security threats in relation to cloud technologies and systems, and recommend security changes in response to emergent threats

  • Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: Pipeline security, DevSecOps, CloudFormation templates, Terraform, Docker, Kubernetes, SIEM, IPS, and Vulnerability Scanners

The duties and responsibilities described above may provide only a partial description of this position. This is not an exhaustive list of all aspects of the job. Other duties and responsibilities not outlined in this document may be added as necessary or desirable, with or without notice.

Knowledge, Skills, and Abilities:

Required:

  • Bachelor’s degree in related field of study or equivalent work-related experience 

  • 4+ years of experience in system, network, cloud security, and risk management.

  • Hands-on experience with Python and Infrastructure as Code for cloud environments.

  • Good experience with a wide range of AWS tools, AWS native Security Services, and practical experience with AWS cloud.

  • Experience implementing security practices in CI/CD environments – Ansible, Harness, Jenkins, etc.

  • Excellent at multitasking, and open to constant learning

  • Excellent problem-solving and analytical skills; outstanding oral and written communication skills
