Senior Security Engineer (Application Security)

Company: SHEIN Technology LLC
Location: Anaheim
Posted on: June 25, 2022

Job Description:

Job Title: Senior Security Engineer - (Application Security)Job Function: Global Security and Risk ManagementJob Location: LA or Remote
About SHEINSHEIN Distribution Corporation distributes SHEIN's products in the U.S. Founded in 2012, SHEIN is a leading global online retailer with operations in Guangzhou, Singapore and Los Angeles, along with other key markets. SHEIN reaches consumers across more than 150 countries and regions around the world. We place a premium on choice, delivering more than 6,000 new fashion, beauty and lifestyle products daily with more than 600,000 items available. Our mission is to help people express their individuality through the latest trends that are accessible and affordable. To learn more about SHEINTo learn more about SHEIN follow us @us.shein.com,sheingroup.com, Instagram.com/sheinofficial, Instagram.com/shein_us, youtube.com/shein.
Position Summary: SHEIN Global Security and Risk Management (GSRM) is a global security organization that oversees security infrastructure, risk management, data privacy, governance and regulatory compliance across SHEIN's global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.
Here, innovation isn't simply about protecting and defending our company. We develop solutions that are practical today and scalable tomorrow; and we create collaborative teams dedicated to innovation across each of our businesses to share our common values and vision.
The Senior Security Engineers focus will be critical to the environment, while focused on cloud and premise application security. The engineer within GSRM, is responsible for leading the design, implementation and execution of platform, policy, playbook and protocol development for reliability engineering. There will be a close relationship between the security engineering and operations (SOC) teams supporting, data ingest, incident response and vulnerability mitigation. This Engineering expert will ensure all application security controls and technologies are evaluated, enabled, monitored and built with efficacy and effectiveness to meet or exceed industry guidelines. Engineering members will contribute toward baselining established polices and SLAs, across all aspects of the security operating framework and making recommendations for constant improvement, while keeping the business and customer experience in mind.
This Security Engineer should have a deep technical understanding of network, application, host and network security practices, as well as all incident response protocols and practices. Must be familiar with security industry standards and best practices, and must be able to effectively work with development, application and operational counterparts, across a broad deeply technical environment in all security areas common within an e-commerce and technology industry. He or she should also have extensive experience in security data analytics, intelligence & threat hunting, vulnerability management and digital forensics. This Security Engineer will also assist their leadership with ensuring all security tools and technologies are properly supported, implemented and sufficiently met the needs for which they are deployed to protect SHEIN confidential and proprietary data.
Core Responsibilities:

• Lead and support application security reviews, code review and threat analysis
• Baseline and report on current application security status, while recommending/implementing fixes and enhancements to strengthen overall application security
• Understand and evaluate end-to-end user & 3rd Party connectivity, to cloud-based and enterprise application systems and services
• Comprehensive understanding of AWS/Azure/Google Cloud/Tencent/Alibaba type providers and enterprise type architectures
• Partner with and lead threat hunting and incident response teams on current and appropriate penetration testing techniques
• Provide security trainings and knowledge transfer to cross-functional teams
• Collaborate with the security reliability engineering, change management, threat hunting, vulnerability management and incident response functions and participate in any day-to-day cross functional relationships to fulfill business needs
• Participate in creating and updating new strategy, project plans and policy documents based on security and data protection requests that map to SHEIN's business requirements
• When needed liaise with external agencies, such as law enforcement, standards and technology organization, advisory bodies and industry and peer working groups as necessary, to ensure that the organization maintains a strong security posture and technical congruency
• Work directly with business units to facilitate change requests, incident response protocols, data analysis, solution requirements and technology roadmaps to ensure compliance with industry and regulatory standards
• Establish credibility throughout the organization by earning the reputation for being a proactive security engineer
• Engineer application protection type technologies sustaining high-availability service levels and ensure fulfillment of business-wide service levels
• Demonstrates continuous effort to improve system security while maintaining the best possible performance, streamline work processes and work cooperatively and provide quality seamless customer service
  Skills and Qualifications:
  • A minimum of 5 years of experience in networking, security cloud and premise and experience in e-commerce or technology industry preferred
  • Experience with program languages similar to Python, Java, Perl, etc---
  • Possess a Bachelor's degree or higher in the field of engineering, computer science or equivalent advance technology field of study
  • Strong knowledge of data privacy regulations and guidelines similar to GDPR, CCPA, PCI, CPA etc.
  • Experience building and running from ground up segmented, secure and platform managed application security principles.
  • Must have experience partnering with external governance and compliance parties on meeting regulatory requirements and assessing emerging threats and mitigations.
  • Strong working and practical knowledge of security monitoring, threat hunting, log management, SIEM and data analytics.
  • Experience with change management lifecycle, development and regular preparation of management status and key metrics reports
  • Should have strong process and procedure ownership experience for audit and control systems
  • Ability to translate cyber security threats from a technical perspective to business-line understanding and execution
  • Ability to work with extremely technical staff working on very sensitive subject areas and with extremely sensitive information
  • High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity
  • Should have strong written and verbal communication skills as well as a sense of ownership, urgency and drive
  • Must be able to support on-call, escalation and high-paced/ fast tempo production environments
  • Must be a strong communicator with exceptional verbal and written communication skills to translate the vision and strategy into clear priorities and direction, both internally and externally.
    SHEIN Technology is an equal opportunity employer committed to a diverse workplace environment.

Keywords: SHEIN Technology LLC, Anaheim , Senior Security Engineer (Application Security), Engineering , Anaheim, California